DOCUMENT RESUME 



IR 019 535 

Schienbein, Ralph 

Network Design: Best Practices for Alberta School 
Jurisdictions . 

Alberta Dept, of Education, Edmonton. 

ISBN- 0-7785 -0324-0 
1999-02-00 

llOp.; A publication of the School Technology Task Group. 
Learning Resources Distributing Centre, 12360-142 St., 
Edmonton, Alberta, Canada T5L 4X9; Tel: 780-427-5775; Fax: 
780-422-9750; Web site: 

http : / / ednet . edc . gov . ab . ca/ technology/ 

Reports - Descriptive (141) 

MF01/PC05 Plus Postage. 

Computer Interfaces; *Computer Networks; *Computer System 
Design; *Computer Uses in Education; Elementary Secondary 
Education; Foreign Countries; Glossaries; Information 
Networks; Models; Online Systems; Performance Factors; 
Systems Analysis; World Wide Web 

Alberta; Computer Industry; Web Sites; *Wide Area Networks 



This report examines subsections of the computer network 
topology that relate to end-to-end performance and capacity planning in 
schools. Active star topology. Category 5 wiring, Ethernet, and intelligent 
devices are assumed. The report describes a model that can be used to project 
WAN (wide area network) connection speeds based on user traffic, describes 
end-to-end performance issues, characterizes and identifies tools for online 
analysis, describes how network traffic has an impact on network design as 
well as computer architectures, provides basic metrics where available, and 
identifies industry trends. The introduction discusses end-to-end 
performance, WAN connection, and bandwidth model. A WAN analysis is then 
presented, describing: tools; packet size; performance monitor; WAN traffic; 
WAN equity; shared bandwidth; cache server; multiple WAN connections; subnets 
and filters; case analysis; pornography, hackers, and other problems; and 
diagrams and documentation. A section on layers and computer performance 
covers the central processing unit, memory, network interface card, greening, 
hard disk subsystem, graphics subsystem, and motherboards. A glossary of 
terms is provided. Links to relevant World Wide Web sites, the structure of 
the Alberta Education home page, and a list of related Alberta Education 
resources are appended. Also appended are several configuration diagrams and 
illustrations of displays. (AEF) 



ED 429 574 

AUTHOR 

TITLE 

INSTITUTION 

ISBN 

PUB DATE 
NOTE 

AVAILABLE FROM 



PUB TYPE 
EDRS PRICE 
DESCRIPTORS 



IDENTIFIERS 

ABSTRACT 



********************************************** 

* Reproductions supplied by EDRS are 

* from the original 
********************************************** 



******************************** 
the best that can be made 
document . 

******************************** 



* * 
* 
* 

* * 




NETWORK DESIGN 



Best Practices 

For Alberta School Jurisdictions 

February, 1999 



“PERMISSION TO REPRODUCE THIS 
MATERIAL HAS BEEN GRANTED BY i 

C . Andrews 



BEST COPY AVAILABLE, 




\ 

U.S. DEPARTMENT OF EDUCATION 
Oifice of Educational Research and Improvement ’ 
EDUCATIONAL RESOURCES INFORMATION , 
CENTER (ERIC) , 

□ This document has been reproduced as ! 
received from the person or organization 
originating it. 

□ Minor changes have been made to | 

improve reproduction quality. 



• Points of view or opinions stated in this 
document do not necessarily represent 
official OERI position or policy. 



TO THE EDUCATIONAL RESOURCES 
INFORMATION CENTER (ERIC). ' 

V . , _ . 

/dlberia 

EDUCATION 



ALBERTA EDUCATION CATALOGUING IN PUBLICATION DATA 



Alberta. Alberta Education. 

Network design : best practices for Alberta jurisdictions. 

Available in electronic format on the World Wide Web: 

URL: http://ednet.edc.aov.ab.ca/technoloav/ 

ISBN 0-7785-0324-0 

Computer networks - Alberta - Design. 2. Schools - Computer 
networks - Alberta. 3. Internetworking (Telecommunication) - Alberta. 
I. Title. 

TK5105.5.A333 1998 621.381 



Additional copies are available through: 

Learning Resources Distributing Centre 
12360-142 Street 

Edmonton, Alberta, Canada T5L4X9 
Telephone: 780-427-5775 

Facsimile: 780-422-9750 



For more information, contact: 

Bonnie Brooks 

School Technology Task Group 
Alberta Education 
11160 Jasper Avenue 
Edmonton, Alberta, Canada T5K 0L2 
Telephone: 780-427-9001 

Facsimile: 780-415-1091 

To be connected toll free outside Edmonton, dial 310-0000. 



The primary intended audience for this framework is: 



Administrators 




Counsellors 




General Audience 




Information Technologists 




Parents 




Students 




Teachers 





Copyright © 1999, the Crown in Right of Alberta, as represented by the Minister of Education. 
Alberta Education, School Technology Task Group, 11160 Jasper Avenue, Edmonton, Alberta, 
Canada, T5K 0L2. 

Permission is given by the copyright owner to reproduce this document, or any part thereof, for 
educational purposes and on a nonprofit basis. 



er|c 



3 



PREFACE 



This report has two different target audiences: school principals and technology 
co-ordinators. Since these two audiences often have very different levels of knowledge 
and understanding, this report will be too technical for some and not technical enough 
for others. Nonetheless, I hope all readers will learn from it, and be in a better position 
to make informed decisions about issues that have an impact on network performance 
and design. 

Tools cited in this report are those available in the author’s school jurisdiction and those 
that are inexpensive for the end user. The scope of this report does not include a review 
of software products. Therefore, the mention of any particular commercial product 
in this report is not intended as an endorsement. 

- Ralph Schienbein 



NETWORK DESIGN 



PREFACE I" 



ACKNOWLEDGEMENTS 



Alberta Education wishes to acknowledge the contributions of the following individuals: 



PROJECT DIRECTOR 

Terry Gunderson 


Superintendent 

Elk Island Public Schools Regional Division No. 14 


AUTHOR 

Ralph Schienbein, PhD. 


Co-ordinator, Standards, Research and Development 
Elk Island Public Schools Regional Division No. 14 



SCHOOL TECHNOLOGY ADVISORY COUNCIL MEMBERS DURING DEVELOPMENT 



John Travers (Chair) 
Peter Balding 
Marika Bourque 
Bonnie Brooks 
George Buck 
David Burch 
Edna Dach 
Jack Dale 
Peter Darby 
John Darroch 


Alberta Education 

Black Gold Regional Division No. 18 
Calgary School District No. 19 
Alberta Education 
Universities Co-ordinating Council 
Alberta Home and School Councils’ Association 
Elk Island Public Schools Regional Division No. 14 
Calgary School District No. 19 
Chinook's Edge School Division No. 73 
. Palliser Regional Division No. 26 
College of Alberta School Superintendents 


Dale Erickson 
Chris Farthing 
Toni Hafso 
Gary Heck 
Harry Henshaw 
Robert Hogg 


Alberta School Boards' Association 
Edmonton Catholic Regional Division No. 40 
Alberta Education 
Lethbridge School District No. 51 
Alberta Education 

St. Albert Protestant Separate School District No. 6 
The Alberta Teachers' Association 


Maurice Hollingsworth 
Judi Hunter 
Glen Johnson 
Doug Knight 
Catherine Kullman 
Norma Nocente 
John Percevault 
Archie Pick 
Doug Pudwell 


Palliser Regional Division No. 26 

Calgary School District No. 19 

Edmonton School District No. 7 

Alberta Education 

TELUS Learning Connection 

Universities Co-ordinating Council 

Grande Yellowhead Regional Division No. 35 

Alberta Chamber of Resources 

Medicine Hat School Division No. 76 

Association of School Business Officials of Alberta 


Randy Rudd 


Pembina Hills Regional Division No. 7 
College of Alberta School Superintendents 


Ralph Schienbein 
Jacqueline Skytt 
Ron Sohnie 
Gary Spence 
Lonnie Springer 
Mary Stephenson 
Barbara Stevenson 


Elk Island Public Schools Regional Division No. 14 

The Alberta Teachers' Association 

Alberta Education 

Wolf Creek School Division No. 72 

Calgary Roman Catholic Separate School District No. 1 

Alberta Chamber of Commerce 

Calgary School District No. 19 

The Alberta Teachers' Association 

5 


NETWORK DESIGN 


ACKNOWLEDGEMENTS v 



Paul Stevenson 
Arwin van Voorthuizen 



Horizon School Division No. 67 
Alberta College of Art 

Council of Presidents of Public Colleges and 
Technical Institutes of Alberta 



RESOURCE PERSONNEL 

John Hogarth 
Peter Wright 



ConsultNet 
University of Alberta 



O 

ERIC 



VI NETWORK DESIGN 



ACKNOWLEDGEMENTS 



TABLE OF CONTENTS 



Executive Summary 1 

Introduction 7 

Performance Is An End-to-End Issue 7 

Purpose and Objectives 7 

End-to-End Performance 9 

WAN Connection 1 1 

Bandwidth Model 11 

WAN Analysis 17 

Tools 17 

Packet Size 18 

EIPS WAN Analysis — Packet Size 21 

EIPS WAN Analysis — Performance Monitor 25 

WAN Traffic — Content 27 

WAN Equity 30 

Shared Bandwidth — The Case for a Switch 33 

Cache Server 34 

Multiple WAN Connections 38 

Subnets and Filters 39 

Case Analysis — ^^Listening to the Radio 41 

Pornography, Hackers, and Other Unmentionables 43 

Diagrams and Documentation 45 

WAN Analysis Summary 45 

Layers and Computer Performance 47 

Central Processing Unit 47 

CPU Metrics 48 

State of the Art 51 

Memory 53 

Network Interface Card 53 

Greening 59 

Hard Disk Subsystem 60 

Case Analysis: CD Server on HD 67 

Graphics Subsystem 67 

Motherboards 70 

Layers and Computer Performance Summary 72 

Summary 73 

Glossary of Terms 75 

Appendix A: Useful Links 85 

Appendix B: Alberta Education Web Site Home Page 87 

Appendix C: NetMedic Output 89 

Appendix D: HP OpenView 91 

Appendix E: AGNPac Analysis 93 

Appendix F: Technically Elite RMON Probe Mware Software 95 

Appendix G: Firewall-1 Analysis 99 

Appendix H: Ethernet Packet 101 

Appendix I: Jurisdiction Documentation 103 

Appendix J: Analysis of Internet Traffic With Over 500,000 Bytes: 1 07 

Appendix K: Related Alberta Education Resources 1 09 

7 



NETWORK DESIGN TABLE OF CONTENTS vii 



LIST OF TABLES 



T able 1 : WAN Connection Speeds 12 

Table 2: Download Times for Various Numbers of Users 1 3 

Table 3: Ethernet Packet 19 

Table 4: Internet Packet Analysis 23 

T able 5: Su mmary of T raffic by Service 29 

T able 6: Su mmary of T raffic by File T ype 29 

Table 7: School Bandwidth Projection 30 

Table 8; School Bandwidth Estimation 31 

Table 9: Cache Site Analysis 36 

Table 10: ".com" Cache Analysis 37 

Table 1 1 : Filter Address and Mask 40 

Table 12: Disk Speed Metrics 62 

Table 13: Sample Disk Drive Specifications 63 

Table 14: WinBench98 Disk results 64 

Table 15: Graphic RAM Requirements 68 

Table 16: Comparison of Graphics Cards 69 

Table 17: Firewall-1 Access Accounting Database (sorted descending on bytes) 

Source IP suppressed 100 



8 



NETWORK DESIGN 



LIST OF TABLES ix 



LIST OF FIGURES 



Figure 1 : Layered View of Network Design 8 

Figure 2: Relative "Pipesizes": 1 0, 1 00, 1 000 Mbps 8 

Figure 3: End User Accessing a Server Through a LAN and WAN 9 

Figure 4: End-to-End Block Browser Diagram 1 0 

Figure 5: Trace Route from User to Alberta Education 1 0 

Figure 6: Alberta Education Web Site Home Page 14 

Figure 7: Alberta Education Header 14 

Figure 8: RMON Packet Size Trend (15-Second Sample, March 6, 1998) 22 

Figure 9: Internet Packet Sizes 24 

Figure 1 0: Performance Monitor of 256 Kbps from Ethernet 25 

Figure 1 1 : FTP on WAN and Local NIC 27 

Figure 12: WAN Traffic by Site 28 

Figure 1 3: Hub versus Switch 34 

Figure 14: Cache Server 35 

Figure 15: Multiple WAN Connections from a School 38 

Figure 16: Filter on Address/Protocol 40 

Figure 17: Live Radio 42 

Figure 18: A Firewall-1 Rule 43 

Figure 1 9: Audible Alert 44 

Figure 20: CPU Utilization: Moving a Window and Launching an Application 49 

Figure 21 : File Transfer Through a NIC 55 

Figure 22: File Transfer Through NIC — Non UW 56 

Figure 23: Packet Size Trend 57 

Figure 24: Utilization and Packet Rate 58 

Figure 25: NIC-Disk Transfer Rates 59 

Figure 26: Alberta Education Web Site Home Page File Sizes 87 

Figure 27: NetMedic Web Page 89 

Figure 28: NetMedic Panel 90 . 

Figure 29: Elk Island Internet Traffic — 1 week 91 

Figure 30: Elk Island Internet Traffic — 1 day (expanded from previous) 91 

Figure 31 : Grande Cache Frame Relay Circuit Utilization 93 

Figure 32: Network Utilization in PPS and Percentage 95 

Figure 33: RMON History MIB 96 

Figure 34: RMON History MIB — Tabular Form 96 

Figure 35: Packet Size Trends and Cumulative Statistics 97 

Figure 36: Firewall-1 Log File (source IP suppressed) 99 

Figure 37: Firewall-1 Active Sessions (source IP suppressed) 99 

Figure 38: Ethernet Packet 101 

Figure 39: School Diagram 103 

Figure 40: District-Level Diagram 104 

Figure 41 : Detailed Infrastructure Records 105 

Figure 42: Internet Destinations — January 15, 1998 108 



NETWORK DESIGN 



LIST OF FIGURES x' 



EXECUTIVE SUMMARY 



PLANNING CONSIDERATIONS 

What does a jurisdiction network person, in-school computer person, school principal or 
jurisdiction decision maker need to know about network design, network performance, 
and end-to-end performance? 



Take a “standards” approach to computing. 

> Adopt the computer industry standards that will be used for all local area network 
(LAN) and wide area network (WAN) designs. 

• Use the EIA 568A standard. 

• Use TCP/IP as the standard. Begin to migrate away from other schemes. 

• Establish 1 0/1 00 Mbps as standard for all wiring, network devices, and NICs. 
Test all cables to 100 MBps. 

• Establish “switched to the desktop” as the standard for all sites. 

• Build a physically secure wiring closet with room to expand and sufficient cooling 
to remove heat. 

• Make use of “intelligent” network devices (SNMP and/or RMON) that can be 
remotely monitored. 



Be prepared for rapid change. 

> Recognize that multimedia will become increasingly important and pervasive in 

education. 

• When computers are being purchased, require benchmark results. 

• Contain complexity by reducing the number of types of computers and versions 
of software at a site. Change whole schools or departments at the same time. 

• Plan for large increases in internal and external network traffic. Not only will 
e-mail increase in size and amount, but audio and video will also become more 
pervasive. 

• Buy technology that will preserve long-term flexibility. 

• Plan for your WAN connections to change in capacity and/or number of access 
points. Do not expect that slower speeds can be maintained for years to come. 

• Monitor Internet traffic. 




NETWORK DESIGN 



EXECUTIVE SUMMARY 1 



Build the internal infrastructure with the “enterprise” in mind. 



> Develop a network that is both functional and scalable. "Functional" refers to 

acceptable latency for the task and "scalable" refers to the ease of increasing 

bandwidth on the WAN as well as reconnecting within the LAN. 

• Act locally but think jurisdiction or enterprise-wide. Decisions about networks, 
computers, and software should not reside exclusively at the school level. 

• Understand that, in a jurisdiction environment, all school Internet traffic and 
external e-mail has an impact on all other users in the jurisdiction. 

• Become “student-centric” and “network-centric” at the same time. Doing so will 
ensure that you begin to examine home-to-school network traffic, school-to- 
school traffic, home to other levels of educational institutions’ traffic, and so on. 

• Record all IP addresses and MAC (Ethernet) addresses at the time a computer is 
received. 

• Maintain a wiring diagram for your facility so others can determine where the 
cables run. 

• Physically separate administrative and student traffic. Make use of filters and 
other network techniques to provide security.- 

• Do not re-invent the wheel. Consult with other users around the province about 
the kinds of software being used before establishing a direction. Join and 
participate in Alberta Education's listserver < edc-techplanaroup@aov.ab.ca >. 



Adopt an end-to-end point of view. 

> Examine the network from the users’ point of view. Performance is an end-to-end 
decision made up of the local computers, local area network, and wide area network 
connection. 

• Determine the computers and appropriate subsystems required (disk, graphics, 
memory, network cards) for the tasks to be carried out. 

• Choose network devices that ensure security of data. 

• • Choose servers for bandwidth conservation (cache servers), file servers, mail 
servers, domain servers, etc. that are appropriate for the architecture of the 
school. 




er|c 



2 NETWORK DESIGN 



EXECUTIVE SUMMARY 



Make use of available tools to monitor the network. 

> Use various emerging tools to assist in monitoring both the LAN and WAN. At this 
time there is no single tool available to analyze all aspects of the problem. 

• Determine what network management software is required for the jurisdiction; 
e.g., HP OpenView. 

• Select performance monitoring tools; e.g., Performance Monitor, NetMedic. 

• Require vendors to submit benchmark results for computers being purchased. 



Recognize that the network will become more essential and complex. 

> Try walking into a staff room after the mail server has gone down and lost mail, or 
after someone has entered payroll data over a WAN link that is too slow. How 
quickly and silently services move from being “interesting and nice” to being 
essential. 

• Plan to hire the specialists in technology that will be required to manage the 
many new services available to schools — domain controllers, file servers, cache 
servers, firewalls, filtering software, software distribution schema, e-mail, etc. 

• Plan to acquire more robust hardware and software as internal and external 
services begin to move from “nice to have” to mission critical.” Redundancy and 
fault tolerant services will devolve to the site level. 

• Do not leave out backups of key files “because we can not afford it.” Consider 
what it means to a school/department to lose their data via hardware failure, 
vandalism, fire, etc. 



Practice “safe software.” 

> Help educators (who tend to be a very trusting group and therefore often share 
software, hardware, and passwords) to understand how such an environment is 
susceptible to illegal copies, viruses, and misuse. 

• Use filtering software to control web content access. 

• Use a firewall software package to protect the site or jurisdiction from the outside. 

• Ensure that all staff use proper password techniques. 

• Remind educators who tend to be “loose” that illegal software use is a crime. 

• Begin the move to “zero administration” of software. By examining the long-term 
costs for software, including installation of updates, one can better justify 
allocation of costs for other things beyond initial costs. 




NETWORK DESIGN 



EXECUTIVE SUMMARY 3 



Actively address funding issues. 

> Consider establishing explicit funding for jurisdiction LANAAfAN support. 

If the author could make only one recommendation, it would be for a change in 
funding to support jurisdiction-wide networks. It is impossible to continue to build 
networks in school jurisdictions as “add-on work” and “add-on expenses” without 
designated funds to support this reality. Trained network professionals are very 
expensive and difficult to obtain, and the problem gets more difficult as the distance 
increases from major urban areas. 

Site-based decision making has many merits. However, building a jurisdiction-wide 
network while funding goes to schools and implementing a cap on central costs 
encourages a “Balkanization” of networks, equipment, and standards. Educators 
need to be free to integrate technology into the curriculum, not kept busy trying to 
keep various generations of hardware and software operational. Often site-based 
decisions will be made for the benefit of a school and not necessarily with other 
schools in mind. 

Smaller schools have difficulty implementing servers and WAN connections capable 
of giving equitable access since their student-based revenues are insufficient. They 
can not generate the funds required to properly acquire, implement, and maintain the 
infrastructure. 

Also, rural schools often can not obtain sufficient bandwidth for the size of the 
school, and the costs for services vary greatly across the province. There is no 
equity on a per student basis across all schools in the province. 

• Schools require resources to support increasingly complex and "mission-critical" 
systems. 

• Supporting an end-to-end network is initially capital intensive and operating 
intensive. 

• The current funding framework, which limits the expenses in central services, 
limits a jurisdiction’s ability to provide central network and computer support. 

• Network staff are expensive to acquire and difficult to retain. Funding for this is 
required. In addition to new money, changes should be made to the amounts of 
funds that can be spent in central services — the logical place for school network 
support. 

• Think “equity” for student access across the jurisdiction. Equity means equal 
opportunity for a student regardless of school size or location. It will be much 
more expensive for smaller and/or rural schools to provide WAN bandwidth than 
it will be for schools accessing urban networks. 

• Schools and jurisdictions should continue to co-operate with other jurisdictions 
around the province to obtain better software prices. 




4 NETWORK DESIGN 



EXECUTIVE SUMMARY 





POLICY ISSUES FOR SCHOOLS AND SCHOOL JURISDICTIONS 

> When staff and students use software that is not essential to their programs and/or 
do an inordinate amount of downloading during peak hours, they overload the 
networks and create problems for other users. Decisions about using one source in 
a computer lab or having each student connected individually have an impact as 
well. For example, using the Internet as a “noon-hour supervisor” can create an 
overload. 

> School jurisdictions continue to struggle with the challenge of providing equitable 
access to technology. (There are variations among large, small, rural, and urban 
schools.) 

> School jurisdictions can avoid re-inventing the wheel and save money by sharing 
information and resources with each other and consulting with Alberta Education. 

For example, there may be opportunities for joint purchasing. 

> Security is a major concern: the educator’s tendency to have a “trusting” attitude can 
be a major problem in this context. 

> Limiting the Internet sites that students are allowed to visit presents a challenge as 
well. Schools have to avoid censoring students’ pursuit of information but at the 
same time act in loco parentis. 

> Technology continues to change rapidly. Also, the cost of owning technology 
(networks, hardware, software, etc.) extends beyond the initial purchase: support 
and maintenance are a part of the cost as well. Therefore, school jurisdictions will 
benefit greatly from long-term planning. 




NETWORK DESIGN 



EXECUTIVE SUMMARY 5 



INTRODUCTION 



PERFORMANCE IS AN END-TO-END ISSUE 

“My computer is slow” and “The network is slow” are typical statements users make to 
computer and network support staff. What they mean is they are trying to do something 
and it is either taking a long time to do it (for any variety of reasons) or it is abnormal. 

The rapid evolution of the Internet has made computing network cen/r/c instead of 
computer centric. Historically, people have concentrated almost exclusively on 
computer clock speed as the measure for performance. It has been said, “When a 
personal computer is put on a network, the personal is removed." 

All parts of a network have an impact on someone at a computer working in a network 
environment. An end-to-end enterprise view of performance and capacity is required. 
This includes the computer itself (CPU, memory, disk, network interface, graphics, etc.), 
the local area network (LAN), components within the LAN such as servers, the wide area 
network (WAN), etc. Each of these can be characterized and/or measured with a variety 
of tools and metrics. 

This report will: 

• Describe a model that can be used to project WAN connection speeds based on 
user traffic. 

• Describe end-to-end performance issues. 

• Characterize and identify tools for on-line analysis. 

• Describe how network traffic has an impact on network design as well as 
computer architectures. 

• Provide basic metrics where available. 

• Identify industry trends. 



PURPOSE AND OBJECTIVES 

Network design is viewed as layers — cabling, network, computers, and a WAN (Figure 
1). Each school/department site can be viewed as having these different layers. While 
this paper does not go into answering the question, “How do you wire a school?” it will 
examine subsections of the topology that have to do with end-to-end performance and 
capacity planning. (See Calgary Public Schools web site < http://www.cbe.ab.ca > for 
more details on wiring). This paper assumes active star topology. Category 5 wiring, 
Ethernet (running 10 Mbps but tested to 100 Mbps), and intelligent devices. 




NETWORK DESIGN 



INTRODUCTION 7 




WAN Layer 



Computer Layer 



Network Layer 



Cable Layer 



FIGURE 1 : LAYERED VIEW OF NETWORK DESIGN 



One of the general design principles for schools is “scalable and flexible.” Adding a 
computer lab with thirty computers has a significant impact on the traffic flow in a school 
network. Scalable means that the network can be easily modified to meet changes 
(increases or decreases) in network traffic. The addition of electronic media such as an 
encyclopedia in the library also introduces significant traffic to a specific area of the 
school, as would a Career and Technology Studies (CTS) lab. The use of audio such as 
RealAudio creates a significant increase in traffic, as does two-way video via 
technologies such as CUSeeMe. The “killer application,” from a capacity planning point 
of view, is the delivery of video in real time. 

A school topology must be flexible enough to be reconfigured as the types of network 
traffic change. It also must withstand designing around specific staff who may move to 
other parts of the building or to another location and are replaced by staff who produce 
significantly different LAN/WAN traffic patterns. 

The overall network traffic in schools is dynamic at any given moment. Traffic will 
change from year to year as well as during various times of the year. Newer multimedia 
technologies will use more bandwidth. The normal practice of secure wiring closets in 
each location is a given. Within this closet it is relatively easy to change a server from 
10 Mbps to 100 Mbps and 1000 Mbps when required (Figure 2). 




FIGURE 2; RELATIVE "PIPESIZES": 10, 100, 1000 Mbps 



O 

ERIC 



8 NETWORK DESIGN 



16 



INTRODUCTION 




r 

‘ f ' 




“T 


l—: t 

Design the nel 
running server 
topology is pla 


[work with 1 0/1 00 Mbps to the desktop, 1 0/1 00 Mbps for segments 
s, and 1000 Mbps for large schools for a backbone segment(s). If the 
nned this way, downstream costs can be reduced or minimized. 





END-TO-END PERFORMANCE 

Assume a user who is browsing a site on the web notices that it takes a long time for the 
desired page to come up on the screen. Often the user attributes this lack of 
performance to either the computer (or more likely) the Internet service provider (ISP). 
The route to the desired server is illustrated in a highly stylized form in Figure 3. 





FIGURE 3: END USER ACCESSING A SERVER THROUGH A LAN AND WAN 



In a typical session on the Internet, the server-client path may be quite complex and vary 
from one web site to another. This complexity is not noticed by the user, who usually 
observes on|y changes in performance. The end-to-end connection is illustrated in a 
different form in Figure 4. While there may be relatively fast (Ethernet or 1 0 Mbps) 
connections from the user computer, there may be any other number of network 
segment speeds between the user and the server. In this case the slowest segment is 
56 Kbps. 



17 

o 

ERIC 



NETWORK DESIGN 



INTRODUCTION 9 




FIGURE 4: END-TO-END BLOCK BROWSER DIAGRAM 



Initial analysis of the network may indicate that the slowest link (56 Kbps) is the source 
of the slow performance. In reality, it could be an overcommitted fast link like the T1 , a 
busy web server, or momentary high use on the local hub the user is attached to. 

Keys to understanding network performance include taking both an end-to-end view and 
a user point of view. For the purposes of this study, the destination site is Alberta 
Education's web site < http://ednet.edc.qov.ab.ca > which is accessible from all schools in 
the province. 

The connection between Elk Island Public Schools (EIPS) and Alberta Education, a 
distance of approximately twenty-five kilometres, is accomplished through nineteen 
segments (“hops”): Sherwood Park, Toronto, Calgary, Edmonton, and then the server 
(Figure 5). The number of hops may vary with each trace. Each hop exhibits different 
latency (delay measured in milliseconds) to the browser session. Notice that three hops 
have relatively large delays — hop 1 3 (Toronto to Calgary) at 781 milliseconds, hop 1 1 at 
581 milliseconds, and hop 18 at 581 milliseconds. In this example, any slowness 
perceived by the user is not within the district but rather at the ISP and within the target 
network. This does not give information about which devices are giving the latency or if 
the specific times were a result of momentary congestion. 



II C;\WINNT\svstem32\CMD.EXE O 



2 


<10 


ms 


<10 


ms 


10 


ms 


FIREU8LL 


3 


<10 


ms 


10 


ms 


<10 


ms 


142.60.100.125 


4 






30 


ms 


40 


ms 


198.53.110.33 


5 


30 


ms 


310 


ms 


201 


ms 


198.53.246.1 


6 


90 


ms 


230 


ms 


491 


ms 


somerouter . iST8R.net [198.53 .254.177] 


7 


50 


ms 


140 


ms 


90 


ms 


somerouter . iST8R.net [198.53 -254.149 ] 


8 


751 


ms 


200 


ms 


131 


ms 


core2 .Toronto . iST8R.net [198 .53.254.145 1 


9 


391 


ms 


390 


ms 


100 


ms 


borderl . can ix. iST8R.net [198 .53 .254.10] 


10 


581 


ms 


160 


ms 


180 


ms 


198.133.49.2 


11 

] 

12 

] 

13 


360 


ms 


391 


ms 


581 


ms 


h4.bbl .tor2 .b4.bbl .tori .uunet .ca [205.150.242.65 


891 


ms 


401 


ms 


160 


ms 


b5 .bbl .tori .b5 .bbl .call .uunet .ca [205.150.132.65 


631 


ms 


841 


ms 


781 


ms 


frcal01-f 8-1 -0-cal-sf 1-net [205.150.143 .18 ] 


14 


280 


ms 


110 


ms 


110 


ms 


fredm01-atm0-0-0-edm-sfl.net [204.209.214.6] 


15 


230 


ms 


130 


ms 


161 


ms 


142.229.63.65 


16 


170 


ms 


311 


ms 


140 


ms 


198.161.6.9 


17 


170 


ms 


160 


ms 


131 


ms 


deucis01 .puss .gou .ab.ca [142.229.61.14] 


18 


220 


ms 


571 


ms 


581 


ms 


199.214.48.130 


19 


300 


ms 


201 


ms 






ednet .edc .gou .ab.ca [142.229 .18 .199 ] 


20 


151 


ms 


150 


ms 


130 


ms 


ednet .edc .gou .ab.ca [142.229 .18.199 ] 


Trace 


complete 


• 










C:\WINNT\systen32> 











FIGURE 5: TRACE ROUTE FROM USER TO ALBERTA EDUCATION 

18 



10 network DESIGN 



INTRODUCTION 




Tool 




n 


I ' 

T race route (trac 
equivalents. 


:ert) is a DOS command available under NT. There are UNIX 





WAN CONNECTION 

Since WAN connections are a purchased service, it is important to buy enough 
bandwidth to meet the needs of the school/jurisdiction. This leads to the questions, 

“How much bandwidth is enough?” and “How can bandwidth be determined?” Three 
models were developed to answer these questions. 

Again, there are design issues to keep in mind. If the school is large and bandwidth may 
grow over the next few years, it would be unwise to size WAN routers and WAN capital 
purchases that do not allow for bandwidth upgrade. For example, a user may change 
from a 56 Kbps to ISDN to fractional T1 to Ethernet in a relatively short number of years 
(particularly in urban areas). This is a flexibility issue as well as one of planning for 
change. 



r 




n 


1— — 

Assume the WA 
the network. 

S — 


N connection will have a shorter replacement time than other layers of 




BANDWIDTH MODEL 

Almost every school in Alberta is connected to the Internet by one of these means: 



analog 


to 56 Kbps 


centrex 


56 Kbps 


ISDN 


128 Kbps 


fractional T1 


256 or 51 2 


T1 


1 .54 Mbps 


Ethernet 


1 0 Mbps 



Some Alberta schools have used satellite (400 Kbps downlink with land uplink), cable 
modems (to 20 Mbps downlink and around 768 Kbps uplink), wireless (2-3 Mbps), 
HDSL/xDSL (early 1998), and AGNpac (Government of Alberta — Public Works, Supply 
and Services). 



O 

ERIC 



19 



NETWORK DESIGN 



INTRODUCTION 11 



Key Concepts 






\ • 

1 byte (B) = 8 bits (1 

1 MB = 1 megabyte 


3). 128 Kbps is 128,000 bits per second. 
. 1 Mb = 1 megabit. 


\ ^ ^ . ■ . ■ ■ ■ : . ■ .' : - . ^ ^ ■ — ^ — - 



The WAN connection size can have a dramatic impact on user response times. Table 1 
illustrates various common WAN connection capabilities and the length of time required 
to download a file. This model was developed in Microsoft Excel and can be utilized to 
estimate bandwidth requirements. This model, used in conjunction with traffic analysis, 
can be used to estimate WAN capacity. 





Bandwidth 


64 byte 


pps 


1518 + 64 


Max 




100 KB 


Type 


Kbps 


pps 


at 80% 


pps 


Bytes per 
second 


Kbps 


#sec 


Centrex 


56 


109 


88 


3.5 


7000 


7.0 


14.286 


ISDN 


128 


250 


200 


8.1 


16,000 


16.0 


6.250 


256 


256 


500 


400 


16.2 


32,000 


32.0 


3.125 


512 


512 


1000 


800 


32.4 


64,000 


64.0 


1.563 


T1 


1540 


3008 


2406 


97.3 


192,500 


192.5 


0.519 


Ethernet 


10,000 


19,531 


15,625 


632.1 


1,250,000 


1250.0 


0.080 



TABLE 1: WAN CONNECTION SPEEDS 



Types of WAN connections appear in Column 1 , and their bandwidth capacity (in Kbps) 
is in Column 2. If all network traffic over the WAN connection occurred in 64-byte 
packets (which it does not), the packet rates for these connections would be as shown in 
Column 3. ISPs and telcos sometimes refer to their services in either Kbps or pps. It is 
usually the network running with 64-byte packets. Column 4 gives capacity at 80 per 
cent. Chronic utilization levels above 80 per cent usually indicate that capacity should 
be re-evaluated. Column 5, “1518 + 64,” gives the scenario if all packets downloaded 
were the maximum size of 1518 bytes with a 64-byte packet acknowledgement. There 
would be 3.5 pps over a centrex in this scenario and 97.3 pps over a T1. 

Packets are largely meaningless when analyzing performance. Bytes per second \s a 
better metric of bandwidth capacity. The maximum number of bytes of data that can 
pass through a centrex line per second is 7000. The maximum number of bytes per 
second over a 256-Kbps link is 32,000. 

It will be demonstrated later that school traffic typically is between 9:00 a.m. and 3:30 
p.m., or 6.5 hours. The overall capacity of a 256-Kbps connection for 6.5 hours would 
be 748.8 MB (6.5 hours X 3600 seconds / hour X 32,000 bytes per second). The 24- 
hour maximum capacity would be 2748 MB. The “off-hours” capacity, the difference 

20 



12 NETWORK DESIGN 



INTRODUCTION 



between the theoretical maximum daily rate and the “prime daytime rate,” would be 
1999.2 MB. This is the maximum amount.of traffic that could be used to download 
curriculum materials, “whack” web pages, update CTS modules, update video content, 
and do all the other things that could be done in off-hours. 

Knowing WAN link byte capacities permits the estimation of the amount of time to 
download files of various sizes. To download a file of 100 KB would require 14.286 
seconds via a 56-Kbps line and 0.51 9 seconds via a T1 . Note that this is simplified in 
that the rhodel examines total traffic and not just a one-way transmission of a single 
100-KBfile. 

Few schools have only one user. The bandwidth model may be extended to examine 
any different number of users (Table 2). If a lab of thirty computers are all downloading 
a 1 00-KB file, it will take 428.6 seconds on a centrex line and 1 5.6 seconds on a T1 . 
With 428 seconds (more than seven minutes) required to download a single page, the 
class will not have time to do any useful work. A centrex line would be too slow for their 
needs. 





100 KB 


Users 


Users 


Users 


Users 


Users 


Users 




# sec 


10 


20 


30 


40 


50 


60 


Centrex 


14.286 


142.9 


285.7 


428.6 


571.4 


714.3 


857.1 


ISDN 


6.250 


62.5 


125.0 


187.5 


250.0 


312.5 


375.0 


256 


3.125 


31.3 


62.5 


93.8 


125.0 


156.3 


187.5 


512 ' 


1.563 


15.6 


31.3 


46.9 


62.5 


78.1 


93.8 


T1 


0.519 


5.2 


10.4 


15.6 


20.8 


26.0 


31.2 


Ethernet 


0.080 


0.8 


1.6 


2.4 


3.2 


4.0 


4.8 



TABLE 2: DOWNLOAD TIMES FOR VARIOUS NUMBERS OF USERS 



The model (Tables 1 and 2) will permit the estimation of times via various WAN 
connections to a variable number of end users. This model requires knowledge of how 
much data is to be downloaded. To illustrate how this table can be used in practical 
terms, examine the Alberta Education web site home page (Figure 6) 
<http://ednet.edc.qov.ab.ca>. 




NETWORK DESIGN 



INTRODUCTION 13 






He?p 

n 






'W: 
















V ^R#lp*d ' 




. ■ . :■■■■ 

' Op#n ' 


r^. ' 






.., Stijp 



. L'oca(ioh: jhHp7/ednet.edc gov.ab c^/ 



-'I ^■s ;ig,g;:|rrp^;ii:^ :■ : , -■ •■■■ • v 




< 50 VeRNMgNT| 



ALBERTA 




EDUr.ATI O.N 



Highlights 



^. Education ■ 



kp^ Iftjh n P I o g V . 



System 



‘vThiasite ts 
£|>.des>sried to 
C*" provide 

pon schooling 
Albert a 
•^•;tor students 
r^bet^en the 
01 

C2-,18. 



‘The Alberta Education website (Ed net) is a ' - 
comprehensive internet guide for-K-12 education In the ;. 
province of Alberta. Inside you \Arill find the latest 
Information on edueation-enabiing technology , ' • 
curriculum documents, policy and legislation 
documents / news-releases : pasrdiploma ' 
examinations, demographic statistics of jurisdictions, 
schools on the web, and much more'. Ednefalso ■ '' 
contains links to other education stakeholder websites 
in the province of Alberta and around the world, and 
features a comprehensive search engine for finding 
documents onsite. 



Education ReIrnre«mem|^^^0^ 
First •nungs 
Our Children jr 






Technology Oihcowij^pg: 
Project Released; 



Now Onitne! 







If you are looking for information about Alberta's post-secondary institutions and other learning opportunities in 
Alberta, check out the Alberta Learning Information Service fALISI 




At the top of this home page is the picture of a child (Figure 7). This picture is a “gif file,” 
22,798 bytes in size. Using the model developed in Table 1 and replacing the 100-KB 
file size with 23 KB, a single user would take approximately 3.3 seconds to download the 
image through a centrex line. It would take approximately 0.1 seconds to download the 
same file through a T1 (1 .54 Mbps). It would take 98.6 seconds to download this single 
picture to thirty computers over centrex and 1 0.8 seconds over a T1 . 



GOVeRNMEMT COHTACTU5 NEWS 



ALBERTA 



fONUINil 




EDUCATION 

FIGURE 7: ALBERTA EDUCATION HEADER 



The model works for projecting bandwidth if the file size is known. This leads to the 
question, “How do you know how many bytes are downloaded?” Various tools can be 
used to quantify this question. 




BEST COPYAVAILABLS 



14 NETWORK DESIGN 



INTRODUCTION 










Metric Suggestion 



A five-second response time can be considered the upper limit for a terminal user. 

A twenty-second response time can be considered an upper limit for a browser on an 
“average” page. 




0 



3 



o 



NETWORK DESIGN 



INTRODUCTION 15 



WAN ANALYSIS 



TOOLS 

Given that a school or jurisdiction has a working bandwidth model, the next problem is to 
determine how much traffic will go to the WAN connection and therefore what WAN 
capacities are required. As indicated below, a number of tools with a wide range of 
costs can assist users in network analysis. At this time, no one tool can do all of the 
analysis that a user may wish to do. Some of these tools include: 

• Performance Monitor. An inexpensive way to determine total bytes (if an NT 
workstation or NT server is available) is to use Performance Monitor built into NT. 
The network interface card (NIC) can be monitored for total traffic, disk utilization, 
and CPU utilization. 

• RMON2 Probes (hardware and software). RMON is Remote MONitoring and is 
an industry standard. Elk Island Public Schools used probes from Technically 
Elite < http://www.tecelite.com >. RMON probes are useful in determining long- 
term traffic patterns as well as which computers are connecting with which other 
computers (Appendix F). 

• Network monitoring software. HP OpenView provides real-time monitoring. 
Within these tools are traffic patterns (see Appendix D). 

• Query Router. An inexpensive way of determining total bytes is to query the 
WAN router and examine byte counts. This is usually performed with vendor- 
specific software or some common tools such as telnet. 

• Low cost software. NetMedic < http://www.vitalsiqns.com > provides a series of 
tools to monitor ISP and server performance (see Appendix C). 

• Telco utilization reports. Utilization of WAN connections can be obtained by 
the telephone provider (e.g., TELUS). See sample of traffic analysis in Appendix 
E. 

• Firewall traffic utilization (Appendix G). If the school/district is using a firewall 
package, this software usually gives information that is useful for analysis. 



Tip 



Network monitoring such as HP OpenView or its equivalent encourages proactive 
management of the network. Instead of staff phoning and saying “I can not seem to run 
student records” or “I’m having a problem with the network,” alarm conditions can be set 
in the software to immediately notify users that a key device is not available. Network 
monitoring also helps to build a profile of problem devices and connections. 

T ' . ■ ' ' 




NETWORK DESIGN 



WAN ANALYSIS 17 



PACKET SIZE 



Before examining output analysis from various tools, it is necessary to differentiate 
between traffic in bytes and packets. The maximum number of bytes (eight bits) per 
second for various WAN connections was given in Table 1 . A 256-Kbps line has a 
maximum capacity of 32,000 bytes per second. Vendors and ISPs often talk in terms of 
packets per second. A brief introduction to packets is required to understand what this 
means. 

Two assumptions used for this paper are Ethernet (within the building — ANSI 802.3) and 
the TCP/IP protocol (within the building and to the Internet). Data is moved from one 
computer to another in bundles called packets. The smallest Ethernet packet size 
allowed is 64 bytes and the largest allowed is 1518 bytes with various sizes between 
these two extremes. All data transmitted through an Ethernet are in packets. 



Notes 

^ r ' 




"1 


I ^ 

• Only one pc 

• It takes 1 .2v 
pause (sent 

• When two a 
“back away' 
“CSMA/CD, 


icket can be on an Ethernet segment at a time. 

3 milliseconds to send a 1518-byte packet followed by a 9.6-microsecond 
d-silence-send-silence-send etc.). 

idapters transmit at the same time, there is a collision. Both of them will 
’’ and send later. Ethernet is a collision detect network. (Actually, it is 
” which is carrier sense multiple access with collision detection.) 





This report will not go into the actual network conversations that take place when an 
Internet browser goes to a site like the Alberta Education web site home page. An 
analogy of the network conversation is as follows: 



My browser: “Go to http://ednet.edc.aov.ab.ca ” 

Name Resolution 

My computer: “What is the address for the site?” 

Domain Name Server: “Its address is 142.229.18.199.” 

Mycomputer: “Go to 142.229.18.199.” 

Local Router: “Where is 1 42.229. 1 8. 1 99?” 

Various number of segments (hops) to arrive at ednet server 

Elk Island Public Schools to Alberta Education is 19 hops with the current 

ISP provider 

The ednet server synchronizes with my browser at this point. 

Ednet server: “Here is the homepage.” 

Server: 1®* packet 

My Computer: “Got it” 

Server: 2"*^ packet 

My computer: “Got it.” 

This is repeated until the data has been transmitted. Each segment or hop is 
conducting the same process so there are many conversations going on. 

Server: “Done.” 

Total packets = 234. Size = 99, 128 bytes. 



25 



ERIC 



18 NETWORK DESIGN 



WAN ANALYSIS 



The Alberta Education web site home page is 61 KB. A total (send/receive) of 91 ,128 
bytes of traffic are involved in downloading the home page (Figure 6). This was done in 
a total of 234 packets. The data path went through nineteen segments or hops (Figure 
5). A parenthetic comment is in order here. Before optimizing the home page, 21 7,560 
bytes of traffic were required to download the home page. This was done in a total 
(send/receive) of 41 7 packets. As more people develop web pages for central 
administration and schools, it is important to remember that there are many ways to 
reduce the amount of traffic required to access server pages. Any savings in size is 
repeated each time the page is accessed. 

Servers will attempt to send the data in as large a packet as possible (usually 1518 
bytes), and the response will be an acknowledgement (64 bytes). These packets are 
Ethernet packets and may be disassembled and re-assembled by the various devices on 
each hop or segment of the end-to-end pathway. 

The actual network traffic travelling over the network is greater than just the number of 
bytes of the host page. This reality has to be taken into account when performance is 
being examined. Each hop also can be a potential performance bottleneck! 

What do typical Internet (TCP/IP) packets look like? All data sent to and from a 
computer on an Ethernet segment follow highly structured standards (ANSI/IEEE 802.3) 
agreed to on a global basis. Both the IP address (derived from a domain name server 
and the PC) and the Ethernet address (a unique address built into each Ethernet 
adapter) are used to communicate. 

The data is encapsulated within the packet and may be either a small or large portion of 
the packet. The smallest packet size is 64 bytes and the largest is 1518 bytes. Key 
pieces of an Ethernet packet are illustrated in Table 3. A detailed version of Table 3 in 
included in Appendix H, Figure 38. 



Packet #1 



Packet Length: 
Timestamp: 
Ethernet Header 
Destination: 
Source: 



146 

14:12:29.820935 02/04/1998 

00:e0;b0:63:b3:eb 

00:60:08:a3:11:bd 



Source IP Address: 142.60.255.43 

Dest. IP Address: 142.229.18.199 



Data 



TABLES: ETHERNET PACKET 



The length of the packet is 146 bytes, and the timestamp was 14:12:29 on February 4, 
1998. Next are two physical addresses — the destination and the source. Physical 
addresses are unique to each Ethernet device. Every NIC, hub port, router port, etc. has 
a unique hardware address that is akin to a DNA sample or a retinal scan. It is an 



NETWORK DESIGN 



WAN ANALYSIS 19 



address in hex, where the first three pairs of numbers indicate the manufacturer of the 
Ethernet device. The source address above has a manufacturer 00:60:08, which is 
3COM. The next three pairs of numbers are unique for that manufacturer: in this case, 
63:b3:eb, which is a hex representation of a binary number (6 = 1 01 0, 3 = 001 1 , 
b = 1 01 1 , 3 = 001 1 , e = 1 1 1 0, b = 1 01 1 ). Usually the hardware address and source 
addresses are the same. 



Tips 

* } ^ 






1 ^ .0 — L - 

• You can fini 
. Networks ui 

• Every schoc 
well as the 1 
Ethernet co 
network mo 

• When a bro 
visited ofter 
site was not 
allows a use 


d your Ethernet address under NT by looking in the control panel in 
ider the adapter tab. 

3 l, jurisdiction, and department should record the TCP/IP address as 
Ethernet address whenever a new computer is acquired or a new 
nnection is made to the network. These addresses are essential for 
nitoring and troubleshooting. 

wser is in use, a time-out often occurs when a site is accessed that is not 
1 (not in any cache table, etc.). The result is an error message that “A 
t found or did not have a DNS entry.” Resending the request usually 
3r to reach the destination. 


1 ^ t ^ : . . . • ^ ^ . 



The source and destination IP addresses are next. These numbers are assigned by 
someone within the school or jurisdiction. In this case the source address is 
142.60.255.43 and the destination address is 142.229.18.199. Understanding the IP 
address is essential when working with security within a school. For example: 

• It is desirable for remote users who dial in to have an easily identifiable address 
range. This makes it easier to track after-hours use, which is a very common 
opening for unauthorized access. 

• If administration and. staff are on a different “subnet” or address range, it is 
possible to control the flow of traffic within a school. This could permit a teacher 
to access a server on the “instructional side” of the school network but prevent 
student access to the administrative side of the network. 

• IP addresses can be one of two types — static or dynamic. Static addresses are 
assigned to a particular computer and do not change. Dynamic addresses are 
assigned as needed and can change from one time to another. It is useful to 
assign a dynamic IP address for as long a period of time as possible for network 
troubleshooting or else have a log of which physical address an IP address was 
assigned to and for what period of time. 

Security should always be a concern for every school. The packet analyzed was 
acquired by a class of software referred to as packet capture software. Packet capture 
software is designed to capture information on the network for analysis and trouble- 
shooting. It can be used to identify devices causing such problems as broadcasting too 
often on the network. It can be used to analyze what software is doing on the network. 

27 , 



o 

ERIC 



20 network design 



WAN ANALYSIS 



In this report it was used to analyze traffic between a browser and an Internet host. It is 
a very powerful tool. 

Being powerful, packet capture software also can be misused. It could be used by 
students to monitor a final exam being sent to a printer, to capture passwords going 
through the network in “clear text,” and so on. It could also be used to monitor e-mail. 
Since this software captures packets in a passive fashion, it is impossible to detect from 
the network. This leads to the need to restrict the use of such software within 
jurisdictions to the individuals who are required to use it and to delineate the 
circumstances requiring its use. 

When wiring a school or jurisdiction office, be careful to physically separate cable so that 
it is difficult to access the physical network connection of secure users (usually 
administration). These should be separated on different hubs or with switches that do 
not share traffic from users who may attempt to capture data. Students and staff can 
easily download trial versions of packet capture software (if the network allows this type 
of traffic) and the problem could be spread throughout a jurisdiction in a very short 
period of time. 



Tip 




1"^ • 

Make a policy n 


estricting the use of packet capture software. 



T 



EIPS WAN ANALYSIS— PACKET SIZE 

EIPS currently has a 256-Kbps connection to its ISP. This Internet connection was 
monitored over a period of time. Using the model provided by Table 1 , we know the 
maximum capacity of this link is 32,000 bytes per second. This traffic analysis was 
derived from the use of Size Trend (Figure 8), one of the elements of an RMON probe 
which permits longer-term analysis of traffic patterns. 




NETWORK DESIGN 



WAN ANALYSIS 21 



Ifte y»vM 


I«bfe 


... ^ 




■ ' m 


p»l;©rn 




r : ■■ 


'■ ' • ""■ r 




1^'uoTim#. 'fi5i 


3 ctayi, 2219^6 ' 


il Otia Source: i*itn(Jex 'i 


■ " V-- 




1 <5 4 . 


} Current Distribution 




f Cumulative Distributi 





- ^ 




,0.5 , 1.0 

Counts^sec 





! : 




iNa^stos " 


St ’ 


" Pena ' 


* R«efPict/»cl 


. Dels % . 


5 J.- . ..4. . ^ 

V CunufaSiya % Coml ^ 




4 ■! 




, 1^. ’ ■ 7 < ^ : 


:0| 


■ ’ K 




2 


■ .4 % 




: - X 


'solj 




. I 


.s- 




ij05:^127 ^ ^ 


Oi 






;o'; 


4. =- 


t y 


: ", 


■5 8|1 


74^260- 










o| 


4 




to 


■ 4- ^ 


. 7 


i ■ t 


.X 4 1 4^. 


45S78S5 ^ 






X. 




o 


6 




0 




11 


; • 




6368635 •" ^ 


■' '■ * 


* 4: 




i;512.. 1023 ^ 


0| 


3 




0 


; .. « 


’ s 


• r 


"13 1"' 


' 1864^4 , 




i£> 




. ill024-1518^- - 


ol 


" g: 




^0" 


:5. ^ 


' 11 


>- . X 




147SB631 


























. . s' <s 



I 64 bytes 
D 65-1 27 bytes 
^ 128-255 bytes 
I 258-511 birtes 
D 512-1023 bytes 
1024-1 51 8 bytes 



FIGURE 8: RMON PACKET SIZE TREND (15-SECOND SAMPLE, MARCH 6, 1998) 



O 

ERIC 



Size trend provides three pieces of information: packet size distribution in bar form for 
the sample (here fifteen seconds), a pie chart distribution of cumulative size distribution 
(here 120 days), and a table showing changes in sample distribution and cumulative 
packet counts. This cumulative count can be used to generalize traffic needs for the 
WAN. Note that while the count in Figure 8 was taken much later (March 6, 1998) than 
the data for the model in Table 4 (January 6, 1 998), the percentage distribution is very 
similar. This means that the packet size distribution over this two-month period has 
been quite stable. 

Notice in the RMON packet size trend (Figure 8 table at bottom) that the probe 
categorized the packet sizes into packet size groups and gave actual packet counts 
observed within each grouping. These groupings (64, 65-127, etc.) are standard RMON 
groupings. A packet that is 124 bytes long would be counted in the 65-127 grouping. 
Using this raw data from the observed counts in the probe would be very misleading. 

Each data packet received on a network has to have a packet sent back to the sending 
computer acknowledging that it was received (an acknowledgement or ACK packet). 

The "observed" packet counts from the RMON probe are therefore corrected (Table 4) to 
determine the real distribution of packets. The observed packets by group (Columns 1- 
3) are obtained from the probe results. In this case there were 32,138,748 packets 
(Column 2) or 58 per cent (Column 3) packets of size 64 bytes, 3,710,830 (seven per 



ifii 






22 NETWORK DESIGN 



BEST COPY AVAIUBLE 



WAN ANALYSIS 



cent) of size 64-127 bytes, etc. for a total number of packets of 55,328,321 . Since every 
packet has an acknowledgement packet, one-half of the packets (27,664,161) must be 
these ACK packets and the other half data packets. Removing the ACK packets from 
the observed 64-byte packets yields the number of data packets of length 64 - 
4,474,588 (32,138,748 - 27,664,1 61 ). The true distribution of packets (Columns 4-7) 
illustrate the true distribution of packet by groups (Column 7 bold). To summarize, the 
RMON probe gives true counts but these counts must be understood to examine true 
data distribution. 



Column 1 


Column 2 


Col. 3 


Column 4 


Column 5 


Column 6 


CoL7 


Column 8 


Column 9 


256 Kbps 


Observed 








Total 




MAX 32 000 




Packet Size 


n 


% 


Data 


Ack 


packets 


% 


Bps 


MAX pps 




61 -day sample to 
January 6, 1998 
















64 


32,138,748 


58% 


4,474,588 


4,474,588 


8,949,175 


16% 


5176 


40 


65-127 


3,710,830 


7% 


3,710,830 


3,710,830 


7,421,660 


13% 


4292 


22 


128-255 


2,192,315 


4% 


2,192,315 


2,192,315 


4,384,630 


8% 


2536 


8 


256-511 


3,145,617 


6% 


3,145,617 


3,145,617 


'6,291,234 


11% 


3639 


6 


512-1023 


7,422,880 


13% 


7,422,880 


7,422,880 


14,845,760 


27% 


8586 


8 


1024-1518 


6,717,931 


12% 


6,717,931 


6,717,931 


13,435,862 


24% 


7771 


5 




55,328,321 




27,664,161 


27,664,161 


55,328,321 




32,000 


90 


Total Bytes 


22,502,503,034 












Max @64 + 64 


250 
















Max @1518 + 64 


20.2 



TABLE 4: INTERNET PACKET ANALYSIS 



Given this distribution (Column 7), it is possible to predict the number of bytes generated 
by each of these groups as well as the number of packets per second. For traffic of the 
EIPS profile the typical number of packets per second observed was 90 pps. From the 
bandwidth of 32,000 bytes per second, it is possible to estimate the maximum number of 
pps for the connection. If all packets were 64 bytes (+ 64 bytes ACK), the maximum 
number of packets would be 250 pps. If all packets were 1518 bytes (+ 64 bytes ACK), 
the maximum would be 20 pps. 

It should be noted that packet traffic is dynamic and changes over time. The RMON 
probe illustrates this (Figure 9) showing the changing packet distribution over time. 



BEST COPY AVAILABLE 

30 



NETWORK DESIGN 



WAN ANALYSIS 23 




FIGURE 9: INTERNET PACKET SIZES 




• The maximum bandwidth for any WAN connection (e.g., 256 Kbps = 32,000 bytes 
per second) will not change. 



• Capacity quoted by ISPs in packets per second (pps) is not a meaningful metric for * 
WAN connection speeds. ’ 



T 






Findings 



Packets sent and received on a WAN tend to be symmetric, having similar counts. 
Total traffic sent and received measured in bytes is highly asymmetric, with many 
more bytes received than sent. While the ratio of received to sent will vary, it is in 
the order of between 8:1 and 10:1. 

Traffic measured in bytes from a user to a server will be less than from that server. 

Since most of the WAN traffic is K-12 student traffic, the packet size distribution 
(Column 7) may be generalized to other school jurisdictions. 

The packet size trend for Internet traffic (Figure 9) is very different from the trend 
over a typical Ethernet segment. You can not use the analysis of an Ethernet to 
project WAN traffic. 

Internet traffic has high use of larger packets due to the number and sizes of graphic 
elements. 



31 



O 

ERIC 



24 network design 



best COPY AVAILABLE 



WAN ANALYSIS 





EIPS WAN ANALYSIS— PERFORMANCE MONITOR 



The use of an RMON probe was described and a model was developed to show packet 
size distribution. There are other ways of monitoring a network that involve less 
expensive tools. One of these tools is the Performance Monitor that comes as part of 
NT. Performance Monitor can be used to monitor various components within a 
computer and is useful in determining I/O bottlenecks, CPU performance problems, and 
so on. Usually this is done on key devices like cache servers, file servers, etc. 

If the school is using an NT-based computer for a proxy server or the district is using NT 
for its firewall software, it is possible to use Performance Monitor to monitor the network 
interface card (NIC) and hence the bandwidth utilization. The EIPS firewall was 
analyzed in such a way (Figure 10). 




FIGURE 10: PERFORMANCE MONITOR OF 256 Kbps FROM ETHERNET 



Performance Monitor can monitor approximately thirty objects, two of which are the 
network interface and processor. It gives four views — chart (used in Figure 10), alert, 
log, and report. Each object type contains counters or specific items that can be 
measured. In Figure 10, five counters were monitored — four on the NIC and the CPU. 
Which counters are to be monitored, as well as the colour and scale of the counters, is 
up to the user. 



32 



NETWORK DESIGN 



BEST COPY AVAILABLE 



WAN ANALYSIS 25 




In this case the highlighted counter (Bytes Total/sec) is on the chart at 1/1000 (0.001) 
and is displayed in a heavy line. Count values for the selected counter appear below the 
chart. During the 100-second period of the chart, average traffic received was 6162 Bps 
with a maximum peak of 23,538 Bps and 889 Bps in the last second. Use of the chart 
gives a real-time look at a particular counter. 

Monitoring the total bytes per second counter of the NIC connected to the WAN is an 
excellent method for determining when saturation is being reached. Alarms can be set 
for 80 per cent and 90 per cent utilization for monitoring peak utilization patterns. The 
data can also be logged over a longer period of time for more detailed analysis. 



Tip 




^ ^ 

Increased band 
sustained perio 
techniques hav 

HW * W--*, III 1,11. 


Iwidth capacity is required when WAN traffic exceeds 80 per cent for 
ds of time. This assumes that various bandwidth conservation 
e been used. 



The WAN is a shared resource. In EIPS, many schools are all sharing the available 
256-Kbps (32,000 Bps) Internet connection. Every computer user on the WAN has an 
impact on every other one. For this reason some jurisdictions choose to restrict what 
students can do. For example, they may choose not to allow files to be downloaded. 
Ignoring the security rationale for this, there is a good bandwidth reason why this may be 
a valid restriction. 

FTP is a common protocol used to download files. A test was done on FTP on a quiet 
network (little or no WAN activity). The test involved downloading a version of proxy 
server, a task not uncommon for systems support personnel. Three views of this 
download were used (Figure 11). The location window (top right view) indicates a file 
size of 12,71 1 KB and gives the usual estimate of time remaining and amount 
completed. 




26 network design 



WAN ANALYSIS 



Peiiormance Monitor - I^NICIO.pmc 



£ite £dil ifew fipHons H«rfp 



rnBPi 



Ilf tBifQliaf friSix I :ia|S|T SI' ■ 




lanixi 










" Loc^ron; ttp:/Adive;evL..y/3.5/p35eiu.exe 





^563.K9i Graph Timei lOaOKJ 



Colm Scale Countei 



00010000 B vies Total/sec 



Parent 



ONect 



Computer 



1.000 Packets/sec 
0.0010000 Bytes Sent/sec 
0,0010000 Bytes Received/sec 
1.000 X Processor Time 



Network mtertace XXFIREWALL 



Network Interface \\FIREWALL 
Network Interface V^FIREWALL 
Network Interface VVFIREWALL 
Processor \\FIREWALL 



Saving D:\Pr<»y35\Pf<»ty35eiu.e}« 

Status; 1243S9; of 12711K (W n.W^c] 

Tine Left 06:CO;17 



liiiiiniiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiit 

Can^l ‘ I 



! 97SJ 



- # 

■3 U St- 

•3 # 




|i Us>r Averagepo20971.494| -i5£1t?59[Mak^^ 4684^:7501 Graph Tima j lOQ.OOQ 



tScaJa Counter^ 



0.0010000 Bvtes Received/sec 



0.0001 000 Bytes Sent/sec 



V Instance 

2 



Ql»iect ^ 
Network Interface 



Computer 

\\CPU-SYS-253-G 



3 



Data: Dire nt Actr/k v ' 



FIGURE 11: FTP ON WAN AND LOCAL NIC 



Performance Monitor (large background view) was used to show what was happening at 
both the firewall and the local computer NIC. The average traffic received on the local 
computer \Nas 20,971 Bps with very little traffic sent (small peak at bottom of chart just 
below large peak). The average tota/ traffic on the firewall was 21 ,948 Bps. In other 
words, the FTP session took nearly 22,000 Bps of the 32,000 Bps maximum available. 
The likely reason that the FTP session did not take all of the bandwidth was due to 
latencies between the firewall and the destination host. 

One user will take as much bandwidth as is available. This is true of all browsers and 
other users on the WAN. The difference between a browser user and an FTP user is a 
matter of scale. An FTP user typically utilizes high bandwidth for longer periods of time 
than a browser user. 

WAN TRAFFIC— CONTENT 

It is possible to analyze all traffic on the WAN. One of the useful features possible in a 
firewall package is the capture of accounting information. This information can be 
downloaded to other tools such as databases or spreadsheets for further analysis. The 
total traffic from selected dates was analyzed within EIPS. One date — January 15, 

1 998 — was analyzed in detail for this study (this arbitrary date may or may not be 
representative). 

34 



NETWORK DESIGN 



BEST COPY AVAIU^BLE 



WAN ANALYSIS 27 







Jan 15 1998 Internet Traffic 




FIGURE 12: WAN TRAFFIC BY SITE 



O 

ERIC 



Total traffic for January 15 was approximately 541 MB. Of this traffic: 

• a large senior high school (grades 10-12) accounted for 24.2 per cent 

• a large junior high school (grades 7-9), 14.2 per cent 

• another senior high school, 13.5 per cent 

• a more distant high school (grades 7-12), 1 1 per cent. 



Of interest here is not the total traffic but rather how the schools are connected. All of 
the senior high schools were properly wired during the summer of 1997, so their 
infrastructure was in place. The junior high school cited is largely wired, but not to the 
same extent as the high schools. Most of the other schools were not wired. In addition, 
most of the high traffic schools have good WAN speeds within the jurisdiction. The 24.2 
per cent school is connected via fibre, the 14.2 per cent school by cable modem, the 
13.5 per cent school by 2-Mbps wireless. The distant high school is currently connected 
by 56 Kbps but is in the process of converting to AGNpac. 

Having the proper wiring infrastructure is essential to the use of the Internet. Equitable 
bandwidth from the school is essential. 



All of the January 15, 1 998 traffic was sorted in descending order of size (number of 
bytes). Sixty-one sessions (Appendix G) were greater than 500,000 bytes. The total 
traffic of these sixty-one sessions was 1 15,359,471 bytes (21 .4 per cent of total) in 
1 91 ,007 packets. This traffic occurred in seven services (Table 5). FTP accounted for 
1 0.5 per cent of the traffic for sessions of 500,000 bytes or more, or 2.3 per cent of total 



35 



28 NETWORK DESIGN 



WAN ANALYSIS 



traffic. (There could be more FTP traffic in other sessions for traffic less than 0.5 MB.) 
RealAudio accounted for approximately half of this amount at 5.8 per cent. 



Sum of Bytes 


Service 


Bytes 


Top 


Total 


5000 


1 ,362,983 


1 .2% 


0.3% 


666 


19,255,018 


16.7% 


3.6% 


6667 


679,919 


0.6% 


0.1% 


FTP 


12,144,936 


10.5% 


2.3% 


HTTP 


72,510,046 


62.8% 


13.5% 


pop-3 


2,745,975 


2.4% 


0.5% 


RealAudio 


6,680,594 


5.8% 


1 .2% 


Grand Total 


115,379,471 




21.4% 



TABLE 5: SUMMARY OF TRAFFIC BY SERVICE 

Of the files over 0.5 MB that were downloaded, movies (“.mov”) made up 38.7 per cent 
of the traffic. Programs (“.exe” and “.hqx”) account for 6 per cent and 0.8 per cent of 
traffic. Examination of the destination files (see Appendix J, Figure 42) reveals that most 
of the movie files and sound files are entertainment-related. While it is understandable 
that students will want to go to these types of sites, it is difficult to justify from the 
perspective of total available bandwidth. While a particular school or teacher might not 
mind students going to these sites, bandwidth is limited and every connected user has 
an impact on every other user. A 5.8-MB movie file of Scream2 has an impact on every 
class trying to do curriculum-related work. 



Sum of Bytes 


Type 


Bytes 


Top 


Total 




42,869,425 


37.2% 


8.0% 


.au 


8,143,345 


7.1% 


1 .5% 


■qt 


577,645 


0.5% 


0.1% 


AVI 


1 ,974,036 


1.7% 


0.4% 


exe 


6,891,476 


6.0% 


1 .3% 


gif 


1,184,388 


1 .0% 


0.2% 


hqx 


922,878 


0.8% 


0.2% 


jpg 


524,459 


0.5% 


0.1% 


mov 


44,709,045 


38.7% 


8.3% 


wav 


6,857,769 


5.9% 


1 .3% 


zip 


725,005 


0.6% 


0.1% 


Grand Total 


115,379,471 




21.4% 



TABLE 6: SUMMARY CF TRAFFIC BY FILE TYPE 

The variety of possible solutions to issues raised here are beyond the scope of this 
report. 



36 



NETWORK DESIGN 



WAN ANALYSIS 29 



WAN EQUITY 



Not all schools in the province or even within a jurisdiction have the same WAN options 
as others. Urban schools and large schools usually have more options that rural schools 
and small schools. It is possible to begin to quantify bandwidth requirements by school 
(Table 7). One common assumption is that the bandwidth requirements of students at 
different levels is different. For example, if it is assumed that a grades 7-12 school 
requires a bandwidth of of 56 Kbps per student, a school with 987 students would 
require 55,210 Kbps or 55.2 Mbps. Clearly, this model is too simplistic. 



Grade Level 


# Students 


Kbps per 
student 


Total Kbps 


ECS 


0 






1-3 


0 






4-6 


0 






7-9 


476 


56 


26,656 


10-12 


510 


56 


28,560 


Total 


987 




55,210 



O 

ERIC 



TABLE 7: SCHOOL BANDWIDTH PROJECTION 



A model must be flexible enough to allow for altering bandwidth requirements. Some of 
the variables are; 

• the number of stand-alone computers attached to the school LAN. 

LAN-connected, stand-alone computers are those computers in various rooms 
and locations that are capable of using the WAN. It is assumed that not all of 
these would be on the WAN at the same time (perhaps 20 per cent would be). 

• the number of labs by type (15, 20, 25, 30, etc. computers) and, for each lab, 
whether or not the class will work on group or individual projects. 

During study periods, some computers would be doing word processing, some 
using the WAN, and so on. 

• the number of computers in a library-type setting. 

• the number of computers used by staff. 

• the number of CTS or other high-bandwidth-use computers (video, real-time 
audio, distance education, etc.). 



A school’s bandwidth can be estimated (Table 8). This school has a population of 1068 
and, in time, every student could have a computer. Since the maximum number of 
computers would be 1068, the network infrastructure has to be built accordingly. A ratio 
of 15:1 for the number of students per computer provides an estimate of eighty-three 
computers, while a 5:1 ratio yields 214 computers. It then requires the bandwidth to be 
estimated. All assumptions about bandwidth appear in italics. 



37 



30 network design 



WAN ANALYSIS 



School Population 


1068 


Number of computers @ 1 5:1 


83 


Number of computers @ 5:1 


214 


Maximum # student computers 


1068 


Student Stand-alone Computers 




Bandwidth — stand-alone Kbps per student 


56 


% stand-alone on WAN 


20 % 


Stand-alone bandwidth @ 5:1 (Kbps) 


2397 


Labs 




Two labs of 30 


60 


Bandwidth — lab Kbps per student 


56 


Lab % of computers on WAN concurrently 


100 % 


% lab bandwidth by cache server 


20 % 


Lab bandwidth (Kbps) 


2352 


Staff 




Number of staff 


90 


Number of staff computers 


30 


% of staff on WAN 


50 % 


Bandwidth — Kbps per staff 


56 


% bandwidth saved by cache 


35 % 


Staff bandwidth (Kbps) 


294 


Net School Bandwidth Requirement (Kbps) 


5043 



TABLE 8: SCHOOL BANDWIDTH ESTIMATION 



This model separates assumptions from easily derived metrics in order to examine their 
impact. If the established standard for the school is 56 Kbps per student and 20 per cent 
of the 214 stand-alone student computers are on the WAN concurrently, the bandwidth 
required for this portion of the school is 2397 Kbps (2.397 Mbps). 

These are not the only computers in a school. Assume that there are two labs with thirty 
computers each (or one lab of thirty, another lab of fifteen, and fifteen in a library — sixty 
computers in definable groups). Again, assuming 56 Kbps per student on the WAN and 
100 per cent of students on the WAN and 20 per cent of their traffic successfully cached 
in a cache server, the bandwidth impact of the labs would be 2352 Kbps (2.352 Mbps). 



38 



NETWORK DESIGN 



WAN ANALYSIS 31 



Staff (both teaching and support) also use computers. Assuming thirty staff computers 
with 50 per cent on the WAN concurrently and 35 per cent of their traffic cached in the 
cache server, the bandwidth requirements would be 294 Kbps (0.294 Mbps). The 
school total required would be 5043 Kbps (5.043 Mbps). 

Few schools would pay for 5-Mbps WAN connections at current prices. The utility of a 
model is that various “what-if” scenarios may be run in order to examine and refine 
assumptions. 

• Reducing the bandwidth standard to 28 Kbps (50 per cent reduction) or some 
other rate would decrease the requirements by 50 per cent (approximately 2.5 
Mbps). 

• Improving the cache server hit rates by tuning, utilizing larger drives, etc. would 
further reduce bandwidth. 

• Scheduling classes in the labs so that only one of them is on the WAN at any 
time reduces the lab impact of the two labs by 50 per cent. 

• Eliminating non-essential traffic would decrease requirements. 

• Identifying high-use sites and mirroring them in the jurisdiction or school would 
reduce bandwidth requirements. 

"What-if” analysis can be used to create a worst-case scenario. In this school, the worst 
case would be to have every staff member and student all using video at the same time. 
The LAN within the school must be designed to be worst-case ready. This will require 
secure wiring closets with 10/100-Mbps segments that are 1000 Mbps ready. The 
number of servers will continue to grow as the amount of electronic services and the 
complexity of the environment increase. 

Most school staff have “a feel” for what is going on in the school and can identify WAN 
utilization somewhat intuitively. Given access to some of the tools identified in this 
report, it would be possible to monitor the total bytes, which IP addresses are generating 
traffic, which protocols are being used, and so on. 



Enterprise Perspective 



WAN bandwidth is dynamic in that instantaneous utilization varies from moment to 
moment. It also is a limiting resource; everyone has an impact on the performance of 
everyone else. In jurisdictions running a system WAN, every user in a school has an 
impact on every other user in the other schools. In site-based decision making, this 
level of integration is unusual. 



Using the Internet as a “noon-hour supervisor” in one school impedes another school 
from doing curricular-related work. 




O 

ERIC 



32 network design 



WAN ANALYSIS 




Issues 




n 


t ^ ' : 

• Equalizing t 

• Measuring \ 
ignores the 


he cost per Kbps among all schools, much like sparsity and distance. 

AfAN capacity in Kbps per WAN user and not Kbps per school, which 
numbers of students and computers involved. 


^ ^ A f ^ ... ' V . ^ j V .V , : , ; ^ ; ^ ' 



SHARED BANDWIDTH— THE CASE FOR A SWITCH 

Many schools install “dumb hubs” in the network layer since the cost per port is lower 
than other alternatives. For example, an unmanaged hub sells for about $680 while the 
managed version sells for about $1 1 00. A school/department that acquires the 
unmanaged hub will not be able to use network tools such as OpenView to monitor it. 



Metric 



Cost per port is 


i 

useful for planning network costs; e.g., $75 per port or $X per port. 


I" ^ ^ ^ ■ - - - - ^ ^ ^ . - : - . / ^ - ■ ■' " - " 



As LAN network traffic increases (and also as security becomes more of a concern) the 
use of hubs should be re-examined. Assume that a 24-port hub is in use. When a 
computer attached to one of the ports downloads a large file, every other computer 
attached to that hub also “sees” that traffic. Each computer’s network card is busy even 
though the individual computer is not downloading any data. When a user does create 
network traffic by browsing, etc., that network traffic competes with the other traffic on 
the hub. 



Metric 




A10-Mbps Ethf 
3 Mbps. 

h” — — — — 


srnet segment generally becomes “saturated” above 30 per cent or 





NETWORK DESIGN 



WAN ANALYSIS 33 



Library Server 



100 Mbps 



Target 
User 




Library Server 



100 Mbps 



Target I 
User 



All get traffic 

FIGURE 13: HUB VERSUS SWITCH 




One gets 
traffic 



The use of a switch helps control where network traffic is transmitted. A proper switch 
will transmit the data only to the port requiring it, thus reducing the overall traffic to other 
computers on the segment (Figure 13). Note that even for small schools it is highly 
desirable to have a 1 00-Mbps segment since network traffic for on-line encyclopedias 
and multimedia will require this bandwidth. Large schools should be designed to move 
segments to 1 000 Mbps when the need arises. 



Design 




r ^ 

Switched to the 


1 desktop. Just do it. 





CACHE SERVER 

One technique for removing traffic from the WAN connection is the use of a cache 
server. Cache servers are usually dedicated computers running software such as 
Netscape’s Proxy Server or Microsoft’s Proxy Server. Each time a user accesses a new 
page, the local copy of the browser copies the files to its hard disk. If this site is 
accessed again, a copy of the file is read from the local cache file and the traffic is not 
downloaded from the network (Figure 14). 



41 



34 network design 



WAN ANALYSIS 







If a cache server is installed on the network, each web page is copied to the cache 
server’s hard disk. The first time a web site is accessed, the data is sent to the 
requesting computer and also is written to the hard disk drive on the cache server. 
Subsequent user requests to that web site will likely be served from the copy on the 
cache server and not from the host web site. A cache server has the potential of greatly 
reducing the overall WAN traffic. 

To illustrate the potential impact of a cache server, assume the 1 00-KB file referred to in 
the model (Table 1 ) in a lab setting of thirty computers. The first user to access the web 
server will download 100 KB (ignore handshaking and other real network issues). This 
will be stored on both the user’s browser cache as well as the cache server. If a second 
user in this lab accesses this site, the data will be downloaded from the cache server 
over a local Ethernet connection and not from the web server. 

If each of the thirty computers access this same site (as would be the case in a teaching 
environment where a specific site is required), the total WAN traffic would be thirty times 
100 KB (3000 KB) without a cache server and 100 KB with a cache server. This would 
represent a best case scenario. 

If each user were doing independent work, the impact of the cache server would be 
reduced since these users tend to be going to different sites. In other words, the thirty 
times savings in WAN traffic would tend towards one time or no net WAN bandwidth 
saving. In reality, there is generally a 20 to 30 per cent cache hit rate in schools with a 
mix of labs and computers in other locations. 

Overall network traffic may not seem to warrant a cache server, particularly in schools 
with small enrolments. (The cost per student for a small school to justify a cache server 
with UW disk drives is quite high.) However, there is another way of looking at cache 



NETWORK DESIGN 



WAN ANALYSIS 35 



servers: if the information has been cached, the latency for the student is much lower 
than waiting for it over a much slower WAN link. 



Tips 



1 - - - ^ ^ 

• Cache servi 
adequate p( 
give better f 

• Using two n 
One NIC ca 
unnecessar 


3rs are disk I/O-intensive. Ultra-wide SCSI (UW) disks are required for 
srformance. (The U2W drives that are beginning to be available should 
jerformance than UW.) 

etwork interface cards (NIC) in a cache server helps segment the traffic, 
n connect to the LAN and the other to the WAN. This reduces 
y traffic to the WAN device (router, etc.). 


L-mi — K ■ • 2 1 — ^ ^ ^ 1 — n,,,,. ^ a ^ ^ ^ ^ ^ ^ ^ 



Issue 




1 4 - ' ^ ^ 

Equity means 1 
large schools, 
other network 0 


that performance should be available equally to students in small and 
To provide network opportunities, schools may require cache servers and 
levices “beyond what the numbers warrant." 


r .... .... .. . ^ A. ^ ^ * -> w . » . ' - : - ' ^ 



A question often asked: “Is a cache server worth the price? After all, they’re expensive.” 
There is no simple answer to this subjective question. A cache server could make the 
difference between a slow WAN connection being useful or too slow. The following 
snapshot of two cache servers illustrates actual student patterns. Table 9 lists the top 
destinations from two large senior high schools. 



Site 1 


# 


% 


Site 2 


# 


% 


com 


5377 


57.9% 


com 


1405 


53.1% 


net 


854 


9.2% 


net 


247 


9.3% 


edu 


642 


6.9% 


ca 


238 


9.0% 


ca 


578 


6.2% 


edu 


231 


8.7% 


org 


367 


4.0% 


org 


126 


4.8% 


uk 


237 


2.6% 


[Local Hos 


66 


2.5% 


au 


150 


1 .6% 


uk 


58 


2.2% 


de 


93 


1 .0% 


au 


37 


1 .4% 


se 


80 


0.9% 


gov 


30 


1.1% 


gov 


70 


0.8% 


se 


26 


1 .0% 


nl 


64 


0.7% 


de 


25 


0.9% 


us 


58 


0.6% 


us 


22 


0.8% 


jp 


51 


0.5% 


fr 


18 


0.7% 



TABLE 9: CACHE SITE ANALYSIS 

43 



er|c 



36 network design 



WAN ANALYSIS 



BEST COPY AVAILABLE 



In both schools, the largest single destination is “.com” — commercial sites. This raises 
the further question as to which sites these are (Table 10). 



School 1 


n 


% 


School 2 


n 


% 


www.qeocities.com 


1361 


9.9% 


www.qeocities.com 


1797 


6.4% 


members.aol.com 


2684 


1 .9% 


www.microsoft.com 


436 


1 .6% 


lmaqes.vahoo.com 


1373 


1 .0% 


www.infoseek.com 


395 


1 .4% 


www.infoseek.com 


1230 


0.9% 


www.burton.com 


388 


1 .4% 


members.triDod.com 


1226 


0.9% 


imaqes.vahoo.com 


351 


1 .3% 


home.netscaoe.com 


1112 


0.8% 


home.netscaoe.com 


305 


1.1% 


www.anqelfire.com 


1064 


0.8% 


Members.aol.com 


259 


0.9% 


www.microsoft.com 


798 


0.6% 


www.nhl.com 


206 


0.7% 


www.excite.com 


779 


0.6% 


www.disnev.com 


201 


0.7% 


ads.lvcos.com 


677 


0.5% 


www.q1d.com 


194 


0.7% 


www.SDe.sonv.com 


598 


0.4% 


www.excfte.com 


191 


0.7% 


www.fortunecitv.com 


458 


0.3% 


fvf.warzone.com 


189 


0.7% 


www.windows95.com 


454 


0.3% 


www.discoveralberta.com 


184 


0.7% 



TABLE 10: ".COM" CACHE ANALYSIS 



The largest single site in the “.com” group of sites is < www.qeocities.com >. Like other 
large sites, this site has various categories. It would appear (from the network traffic 
point of view) that this site is being chosen over others for chat, e-mail, and free web 
pages. 

If a jurisdiction has all of its schools connect to a jurisdiction-wide WAN connection, it is 
possible to have a jurisdiction or "head-end" cache server. This server will be queried 
for web pages before the network request goes out onto the Internet. The architecture 
of having a school cache server and a jurisdiction cache server is referred to as 
“cascading cache servers.” 



r ^ 




n 


1 ' ■ * - 

If WAN bandwi( 
activities are of 

1 — -t: 


1th is an issue, schools may wish to review what sites and types of 
educational merit. 




NETWORK DESIGN 



WAN ANALYSIS 37 



MULTIPLE WAN CONNECTIONS 



Most schools in the province are connected to the Internet via a single network access 
point. In August 1 997, cable companies donated a cable modem to schools where the 
service was available. This event, which resulted in the potential for schools to have 
more than one WAN connection, raises some architecture design issues. If the school is 
part of a jurisdiction WAN with firewall and filtering at a central site, access to the 
Internet at the school level creates a security access point to the jurisdiction at many 
locations. This results in requirements for filtering, firewall, etc. at each site in addition to 
the central site. 

T raditionally the solution would be to add a router at the site. A router is very good at 
keeping unwanted traffic out of the school, but it does little to filter for content or other 
types of tasks. With the prices of PCs falling rapidly, it is possible to use a proxy server- 
firewall-filter computer with two network interface cards (Figure 15). 

Network World magazine reviewed a router (Cisco 2514) versus a PC (200 MHz 
Pentium with MS RRAS routing, 3Com 10/100 NIC) (January 12, 1998: 
< http://www/nwfusion.com >) and found that a Pentium 200 with 10/1 00 adapters could 
handle approximately twenty-five users per segment and up to 100 users overall before 
encouraging significant performance issues. Hardware-based routers like the 2514 were 
more appropriate for 50-75 users per segment or heavy load users. 

PC and router costs are similar, depending on what is purchased for the PC. The PC 
gives better flexibility, in that more software such as filtering can be run and the 
computer can be moved to other locations in the school or jurisdiction when more 
capacity is required. A router performs that job well but is obsolete when it no longer 
meets the needs of the school. 

A more thorough test of this architecture is being conducted at a school in the Elk Island 
Public Schools Regional Division. 



Jurisdiction WAN 



School 

Internet 



School 



Router 




Firewall 
Proxy Server 
Filter 



Switch 



School LAN 



FIGURE 15: MULTIPLE WAN CONNECTIONS FROM A SCHOOL 



45 



38 network design 



WAN ANALYSIS 



SUBNETS AND FILTERS 



Schools represent an interesting security challenge. In many schools, students know 
more about computers and networks than the teachers and staff. Students in senior 
grades also have access to packet analysis software, viruses, and all of the things that 
have the potential to make a school network vulnerable. Various mechanisms have 
been deployed to “lock up” the desktops. Recently there has been a move to Windows 
NT for student computers because of its ability to be tightly controlled. 

One area of overall security that often is overlooked is subnets and filters. This area 
must be addressed very early in the design since any changes downstream are very 
time-consuming to implement. A number of early decisions can assist the school 
design. 

What is the address: 

• range of administrative computers 

• range of instructional computers 

• the mail server 

• the school server 

• the web server 

• the primary domain controller (for NT schools) 

• the remote access server (for dial in) 

• the proxy/cache server 

• video server 

• library electronic resources server 

• etc. 

Before long, schools find they have a multiplicity of electronic services. In small schools 
many of these functions can occur on one server but in large schools they will quickly be 
on multiple computers. From a jurisdiction perspective there needs to be a similarity so 
that, when a device sets off an alarm in OpenView or its equivalent, the address will 
easily be identified (what type of device it is). These types of network services should 
have static addresses. 

For purposes of discussion, assume that the school has a private B or C licence on their 
side of the firewall (x.x.1 25.0 and x.x.1 26.0 where 1 25 is administrative and 1 26 is 
instructional). The school wishes to have a mail server (x.x.1 26. z where 126 is 
instructional and z is the number for mail servers) that can be accessed by both students 
and staff. Placing it on the instructional side of the network will require access through a 
network device that lets staff through to the mail server but prevents students from going 
through the device to the administration side (Figure 16). 



46 



NETWORK DESIGN 



WAN ANALYSIS 39 



Interface 


Proto 


Port 


Address 


Mask 


Action 


Destination 


TCP 


25 


x.x. 125.0 


255.255.255.0 


Forward 


Source 




All 


X.X.126.Z 


255.255.255.255 





TABLE 11: FILTER ADDRESS AND MASK 



In the example shown in Table 11 , the router would be given IP filter rules to allow TCP 
traffic for mail (SMTP is port 25) to go from the mail server (126.z) through. For most 
readers, how this works is not important, just that it can be done. This issue needs to 
be addressed eariy in the evoiution of the schooi network. 

Figure 16 illustrates how a filter can allow administrative and instructional traffic to 
access a server while preventing an instructional computer from accessing the 
administrative network. The router permits the address range of the administrative 
subnet to go to the segment with the server. The same router drops the packets from 
the instructional computers so they are unable to get to the administrative segment. In 
order for this to continue to work, the system must prevent anyone from changing IP 
addresses on the instructional side to administrative ones. 



Target 




FIGURE 16: FILTER ON ADDRESS/PROTOCOL 



O 

ERIC 



40 network design 



WAN ANALYSIS 



Tips 



• Administrative and instructional computers should have different IP addresses that 
can be filtered easily. 

• Administrative and instructional computers should be attached to different physical 
hubs or switches. 

• External access (e.g., from modems) should be controlled by an access server and 
should be easily identified by their IP addresses. 

• Filters can be applied to IP addresses as well as protocols. 

• Filter and allow only student IP addresses from instructional computers. This will 
prevent students from spoofing by changing their IP address to an administrator’s 
address. 

• Where possible, there should be “one computer for one service.” 



CASE ANALYSIS— LISTENING TO THE RADIO 

Listening to a radio live (Figure 17) requires between 8 Kbps and 1 1 Kbps of bandwidth. 
It also requires a very good end-to-end connection since each network delay disrupts the 
audio noticeably. Notice this capacity may be determined by the use of the RealAudio 
window “Playing 8.0 Kbps,” the NetMedic window (1 1 Kbps instantaneous in Speed Limit 
section at time of capture but averaging 8 Kbps), or 1251 Bps (1251 X 8 = 10,008 bits or 
10 Kbps) average using Performance Monitor on the NIC. 



4S 



NETWORK DESIGN 



WAN ANALYSIS 41 



/K. |--il3||xt ,?ta}fejigKig:s lagsi:^ 

File View Window Help 






i.a|a|&|§i| ^ ^|ei 



File Edit View Options Help 

+ 



X 



GSD 



Site Delay: 29 ■% Site; radio. cbc.ca # Msrts: 3 (G 



SPEED L (MIT 

R.etTieval 



TtlM£ 


NETWORK BITE AVG. RATE 


raiph. ei. 


educ.ab. a ' / 


# 




HEALTH 


CPU LOAD ^ CACHE HITS 



CLLAV 


TRAFFIC 


■HEALTH 








istar.net 




# ^ 


CILAV 


TRAFFIC 


HEALTH 








Internet 




V 1 / 



radio.cbc.ca 



ITW^FIC - SPEED " 



Session Time 



Vi 



session TODAY 



100 

95 

90 

85 

80 

75 

70 



> RealPlayer: CBC Radio Live 



File View Clip Sites Help 



>/\\ 



] : 50 
i 45 
40 
, 35 
30 

I; ; 25 

' : 20 
15 












£E2S. 



Title: jCBC Radio Live 

Author: ICanadian Broadcasting Corporation 



Copyright: [CBC Radio 1997 



60 


■ Mgi^o 


05:55.4 7 Live 




55 


1 Playing 8.0 Kbps live stream 




4 - 



10 






' Last 



LOAD -W PT01.fGH PUT' 'i 




1919.749 Grai 



Color 



Draw ->’ 1 jDj J^_ I AyjtoShapes ^ - "yj 



Scale Counter 



0.0100000 Bytes Received/sec 



0.0100000 Bytes Sent/sec 
1.000 ^ Processor Time 
1.000 Packets Received/sec 
1.000 Packets Sent/sec 



Instance 



FIGURE 17: LIVE RADIO 

The question may be asked, “So what? Who cares if listening to audio takes eight 
Kbps?” The answer relates to what a school may actually do in the future. 

For example, consider a high school social studies teacher who wants to listen to a 
report on a key world event that is being broadcast on the Internet. If the teacher uses a 
single computer and speakers, the bandwidth to the school would be eight Kbps. If the 
teacher uses one computer per student, each student’s bandwidth requirements are 
eight Kbps. A class of thirty would require 30 X 8 Kbps or 240 Kbps. Many schools do 
not have that bandwidth available. Trying to do this over a centrex line would result in 
lost data, broken speech, and an unsatisfactory instructional experience. 



49 



42 network design 



BEST COPY AVAILABLE 



WAN ANALYSIS 







Knowing the general metric for RealAudio permits teachers to select alternative 
instructional strategies. One way around the bandwidth to the school would be similar to 
a cache server — creating an audio server (and using multicast). This would involve a 
computer that runs audio server software. The sound clip is downloaded to the server for 
subsequent use by students. Audio servers are very good at storing sound clips that are 
most often useful to auditory learners. Such a server is a network architecture design 
issue. 



Useful Sites 



L - & 0 ^ a- ^ ^ ^ 

RealAudio <htto://ww 
CU-SeeMe <httD://wv 


w.realaudio.com/> 
/w. woine.com/> 


t ^ ^ „:r ^ at Iiti r a ^ ii rt , t 1 a, r - ^ ^ ^ ^ .a A. ^ 



PORNOGRAPHY, HACKERS, AND OTHER UNMENTIONABLES 

Although most people recognize that many sites are inappropriate for student use, few 
schools and jurisdictions in Alberta are using filtering software. Some using the software 
may not have examined whether the software is effective. Many jurisdictions apparently 
do not want to be cyber-police and rely on signed “terms-of-use” agreements. This is 
one of the many new tasks that emerge in running a network, and often there is not 
sufficient staff to address all of them. Although the word “censorship” is often heard, 
materials available on the Internet may require some level of action in loco parentis. 

Firewall-1 accounting logs indicate that students in unsupervised labs or using 
computers that a teacher/librarian can not see are accessing sites that many parents 
would not consider acceptable. 

The major use of a firewall product such as Firewall-1 is to protect the internal network 
from outside attack. Many users throughout the world find, attack, and destroy the data, 
servers, and access to the Internet of individuals and institutions. Most schools operate 
in a trusting environment and are not used to having to protect themselves fr*om such 
attack. Firewall-1 is a good product for providing a rules-based interface to firewall 
management. 

Management of what internal users are permitted to do in such an environment is 
illustrated by a rule (Figure 18). 



4 


idMr reworks 1 




— 1 


i ' I^ISmi^Trap j 


j|^j Gateways || 


cv ' ^ " itockreiridedsjJ 

! | 








J 


1 




^ ■ • I L J 



FIGURE 18: A FIREWALL-1 RULE 



In this rule, a subset of, users (all instructional networks) that attempt to access a 
restricted site (for example, those defined within SurfWatch or WebSense) will have their 

50 



NETWORK DESIGN 



BEST COPY AVAILABLE 



WAN ANALYSIS 43 




packets rejected. In addition to this, the management software monitoring the network 
(in our case, the OpenView console) will be notified by an SNMP alert that such an 
access has been attempted. It is possible to see network rule violations in real time. 

To assist schools in reducing these situations, a screen (Figure 19) has been created 
that contains a loud siren noise. This web page is sent whenever the filter software 
encounters a site on the list of inappropriate sites. While it sometimes creates false 
alarms, such a technique reduces the number of in-school accesses. Note, however, 
that talented students can disable the sound before accessing sites. 



Netscape - IResliicled Sites] 



£te View ,£o Jgookmark* Qptions ^kectoty 



ji B*ek 






Home 



Edit ' 






c><» 

Qptn 



a 

Print 



Find 






Location: 



M 



Wh^'s New? I’ What's Cod? j: Destinations || Net Search |[ People L Sdtware | 



Q 



Elk Island Public Schools 




Transmission arid receipt of inappropriate materials is 
prohibited. v 



^ Violation will result in a loss of access arid may; result 



in other disciplinary or legal actions. 

Your attempt to access tins prige has been logge ^ I " 



lOocuiner^Ki^ 






FIGURE 19: AUDIBLE ALERT 



Suggested Strategy 




L ' .. > - ' ^ ■ ■ 

Implement filtering and have s 

1 -r" ■■■■■' ■ . . V / 


taff check logs. 



Useful Sites * 

WebSense < http://www.websense.com/ > 

Surf watch < http://www1 .surfwatch.com/home/ > 



BESTCOPY AVAILABLE 

51 



44 network design 



WAN ANALYSIS 



DIAGRAMS AND DOCUMENTATION 



One tool for recording IP addresses, MAC (Ethernet) addresses, and wiring diagrams is 
a visual database from Aperture. Starting off as a Macintosh application, it has moved to 
the Windows NT environment and also is integrated into OpenView. 

Appendices H and I (Figures 38-40) include diagrams at the jurisdiction level down to 
individual computers with data records attached to them. Examination of the menu bar 
will illustrate that this is a combination drawing suite and database that can be navigated 
much like web pages with “hot spots.” 

There are powerful and useful tools available to assist in the documentation process. All 
Elk Island Public Schools wiring tenders are first drawn with a tool and are given to 
potential contractors for a price quotation. 



Useful Site 



Aperture <htto://www 


i 

.aoerture.com/> # 


I' ■ v: ; . . - : : - - — ^ ^ ; : — u — , ^ ^ . ^ . .. . i .. iL 



WAN ANALYSIS SUMMARY 

The model provided in this report illustrates a number of points. Network traffic occurs 
over Ethernet and Internet traffic utilizes the TCP/IP protocol. Different WAN 
connections have different capacities. A 56-Kbps connection has a maximum capacity 
of 7000 bytes per second while a T1 has a maximum capacity of 192,500 Bps. These 
are theoretical maximums; approximately 80 per cent of the capacity should be used to 
determine typical traffic. 

There are different packet sizes on a network, and it takes different amounts of time to 
download files of various sizes. Many users have an impact on a WAN connection. 
Conservation of bandwidth can be achieved with cache servers, filters, etc., and WAN 
traffic can be split to multiple WAN connections. 

Audio and video through a WAN connection can have a significant impact on network 
performance. Filtering of content addresses both bandwidth conservation issues and 
curriculum issues. 



52 



NETWORK DESIGN 



WAN ANALYSIS 45 



LAYERS AND COMPUTER PERFORMANCE 

Poor browser performance also may be a result of the user’s hardware and/or software. 

A computer's many /nfegratec/ subsystems all have a direct impact on performance. 
These subsystems include: 

• central processing unit (CPU) 

• disk (type, speed, controller) 

• memory (amount and type) 

• network interface card (speed) 

• graphics (memory, resolution, graphics card) 

• bus (type and speed) 

It is possible to conclude (erroneously) that lack of performance with high CPU utilization 
is caused by a CPU that is too slow when the problem is insufficient memory. A lack of 
sufficient memory can cause excessive swapping with both the disk subsystem and 
CPU, with resulting high utilization. To draw an analogy, one has to diagnose the “cause 
of the headache,” not treat the “headache.” 

This part of the report will attempt to serve two purposes — identifying problems and tools 
to assist in overall network performance from an end-user perspective, and education of 
the user to assist in better computer purchases. 

For simplicity, illustrative tools will be drawn mostly from PCs but the general principles 
apply to all computers. 



CENTRAL PROCESSING UNIT 

The central processing unit (CPU) is the component that actually performs all the work. 

It performs "one task at a time" and is synchronized with the system clock. A clock 
speed of 166 MHz means that the clock is running at 166 million (mega) times per 
second. If the CPU performs one task for every clock cycle, then it can run 1 66 million 
instructions per second. If the clock is 333 MHz, it is running approximately twice as fast 
as the one running at 166 MHz. 

The two most common computer families in schools are the PC and the Macintosh. 

Each CPU family has the instructions it can run built right into the silicon of the CPU. 
These instruction sets can not be modified. The Intel or PC family of computers include 
the 8088, 80286 (AT), 80386, 80486, Pentium, PentiumPro, Pentium II, etc. The 
Motorola family used in the Macintosh includes the 68000, 68020, 68030 (e.g., SE30), 
68040, and the PowerPC 601 , 603, and 604. 

CPUs are "interrupt driven." They are halted every time there is a request to write or 
read to disk, update the screen, and so on. Newer architectures such as PCI 2.1 
minimize the number of interrupts a computer receives and result in more efficient use of 
the CPU. 



NETWORK DESIGN 



53 



LAYERS AND COMPUTER PERFORMANCE 47 



Computers need to get their information from memory. There is special memory for 
"often used" instructions called "cache memory." Cache memory has very short 
distances to transfer the data to the CPU and has wide data paths for doing so. L2 
cache significantly a^^eclslhe overall performance of a computer. 



p Tips 




r - 

• Clock speed (me£ 

• L2 cache 

Iv - ■■ 'W ' 


isured in MHz) Higher is better. 

Having it is better. 



CPU METRICS 

Measuring the performance of computers is becoming more of a science than it used to 
be. CPU clock speed is a significant factor when recalculating a spreadsheet, doing 
document spell checks, and anything that is "compute-intensive." Photograph and video 
editing are examples of highly CPU-intensive tasks. 

Tasks such as typing, opening and closing files, e-mail, etc., tend to be affected more by 
the disk subsystem and memory than by CPU clock speed. Moving a window around on 
the screen is a highly CPU 7 intensive task (Figure 20), while surfing with a browser is not 
CPU-intensive. 



Tip 





computer, use the Task Manager to examine CPU utilization. This 
f to see if the task is CPU-bound. I 


On a Windows 95/NT 
is an inexpensive wa^ 


^ - -- - ^ ^ " - • V . •• : • • - : ^ .. . . - . i - ‘V - -- ^ 1 




O 

ERIC 



48 network design 



LAYERS AND COMPUTER PERFORMANCE 



[^■Pe»*oimance Monitor j 


i| File £dit ^ew 


~ r \ i 


i [q'qI qIMI ® 


MlWS’larMl ■ 



100 

95 

90 

65 

80 

75 

70 

65 

60 

55 

50 

45 

40 

35 

30 

25 

20 

15 

10 



0 ' 






Laslj 0.0CK3] Average P 




Colot 



Sc^e Counter 



Inttance 



Parent 



Ob|ect 




1.000 Processor Time 



1.000 User Time 



1.000 X Privileged Time 
0.0100000 In^errup^s/sec 



Processor 



Processor 

Processor 



FIGURE 20: CPU UTILIZATION 
MOVING A WINDOW AND LAUNCHING AN APPLICATION 



The overall CPU processor time shows a rapid rise to 100 per cent utilization. (Note that 
the graph time window is 100 seconds.) Moving a window on the screen will consume 
all of the CPU (first spike in graph). The faster the CPU-graphics subsystems, the 
smootherXhe move will appear on the screen. Launching an application software 
package such as Word 97 will result in a momentary utilization of CPU, as indicated in 
the later spikes. Much of the application launch latency will be related to the disk and 
not the CPU. This example demonstrates the interconnectedness of the subsystems. 

Four object counters were identified for the graph: 

• per cent processor time. Total computing by all processors on system. When 
this counter consistently approaches 100 per cent, the system OS will suspend 
some tasks in order for others to run. This will create a processor bottleneck. 

• per cent user time. Shows the total time spent on user or application processing 
and is one of the two components of total processor time. Applications that need 
to access hardware devices send the request to a privileged mode program. If 
this counter is high, then the application is the likely source of the bottleneck. 

• per cent privileged time. Shows the privileged operations such as video, disk I/O, 
NIC I/O, etc. This can be used to identify which processes are causing the 
bottleneck. 

• interrupts per second. The number of device interrupts. 

55 

NETWORK DESIGN LAYERS AND COMPUTER PERFORMANCE 49 



BEST COPY AVAILABLE 




Note that the scales, all of which can be modified, are not all the same. 

Performance Monitor and Task Manager both allow the user to examine CPU utilization 
in “real time,” while events are occurring. Two comparative tools are useful for 
measuring CPU performance— SPECmark and CPUmark 32 . One metric used within 
PCs is CPUmark 32 developed by Ziff-Davis, part of the Ziff-Davis’ WinBench® 98 
Version 1 .0 benchmarks suite. This metric, available in computer magazines, is highly 
useful when evaluating CPU performance. 

For example: 

• A Dell Dimension XPS D333 (a Pentium II running at 333 MHz) obtained a Ziff- 
Davis' WinBench® 98 Version 1 .0 ZD CPUmark 32 score of 1600 (PC Magazine, 
February 24, 1998, p. 46). 

• A Dell OptiPlex Gxa (a Pentium II running at 233 MHz) obtained a Ziff-Davis' 
WinBench® 98 Version 1 .0 ZD CPUmark 32 score of 693 (PC Magazine, December 
2, 1997, p. 185). 

Note: The above points are cited as magazine references instead of just 
CPUmark 32 results due to the constraints of the WinBench® 98 license 
agreement. 

A different metric that crosses CPUs is required to measure performance of dissimilar 
computers. If a school or jurisdiction is evaluating a tender for a financial computer or 
student record computer and there are many vendors, such a metric could assist in “right 
sizing” the purchase. For example, a Digital computer with an Alpha CPU, an IBM RISC 
6000, a Sun workstation, and a Pentium ll-based PC could be compared. 

One such metric is a SPECmark (Standard Performance Evaluation Corporation). A 
SPECmark is an audited benchmark that measures performance on various systems. 

For example: 

• a Dell Dimension XPS Pro200n 

- integer rating CINT95 = 8.20 

- floating point rating CFP95 = 6.21 

• Motorola 604e SPECint95 = 7.41 (@200 MHz, 66 MHz Bus, L2 — 512 KB, 60 ns 
EDO) 

• Motorola 603e SPECint95 = 4.4 (@200 MHz, 66 MHz Bus, L2— 512 KB, 70 ns 
DRAM) and SPECint95 7.4 @300 MHz 



Metric 




h— T— — . ^ - 
A good metric for PC 
platform servers is th( 

L _ — ■ ■ 


$ 

CPU performance is the CPUmark 32 . A good metric for cross- 
3 SPECmark. 




50 network design 



LAYERS AND COMPUTER PERFORMANCE 



Common to all benchmarks is a detailed outline of precisely what hardware and software 
were used for the test. This is important since a different disk drive could substantially 
alter a computer’s performance. 



r ^ 




: u - - ' - 

When evaluating hart 
assist in evaluating ni 
have been clearly ide 


Jware, require the vendor to supply benchmark results. This will 
Dt only relative performance but will ensure that all subsystems 
ntified. » 


1 -..11 ' .-..It," J..1 ^ ^ » a ^ . . . , " . • ^ 1 1 c ^ ~ 



STATE OF THE ART 

Performance is much more important for servers than for most user computers. The PC 
environment is changing very rapidly. At the time of this writing, gigabit Ethernet 
adapters were becoming available and new bus speeds of 100 MHz were beginning to 
appear. The most dramatic improvement in PC architecture was the splitting of video 
(like the AGP graphics) and other subsystems to use less of the CPU than in earlier 
computers. 



PC Standards 

L _ . . , . ... 






L 

The PC98 standard ( 
<httD://develoDer.inte 
serves as a forum for 

1. . — 


<httD://www.microsoft.com/hwdev/desauid/> and 
l.com/desian/oc98/>) outlines the chanaes from PC97 and also 
the evolving PC99 standard. 



Typical specifications for a high-end PC at this time include: 

• 350-400 MHz Pentium II with 51 2K cache (BX chipset, new) 

• ECC SDRAM memory 

• 100 MHz-bus (new) 

• Ultra-Wide SCSI-3 hard disk drive (new) 

• AGP video card with 8 MB video memory 

• 10/100-MbpsNIC 

• AWE 64-compliant sound with speakers 

The current performance differences between a 300- and a 333-MHz computer likely will 
not be enough to warrant the price difference. According to benchmark tests, the 
CPUmarkss of a 333 MHz is between 800 and 850 while a 266 MHz obtains a score of 
approximately 700. This is because other subsystems are affecting the performance 
more than the CPU clock. Most users in education will not notice this difference. 

57 



network design 



LAYERS AND COMPUTER PERFORMANCE 51 



Some significant changes occurred during 1 998. With the arrival of the next generation 
of the Deschutes-based PCs, the clock rates go to around 400 MHz but the bus speeds 
increase to 1 00 MHz (from 66 MHz). 

By mid-1998, Intel began to ship the replacement for the PentiumPro (Xeon), which has 
a full-speed backside bus, 1 00-MHz system bus, and 2-MB Level 2 cache. Late 1 998 
saw the 450 NX chipset with hot plug PCI. MMX-based Intel computers will not be a 
player. 

The new G3 Macintosh is the first Macintosh to have some of the more common PC 
features (< http://til.info.apple.com/techinfo.nsf/artnum/n24396 >). In addition to the faster 
clock (300 MHz), it has: 

• a 1 -MB backside L2 cache 

• 1 50-MHz dedicated 64-bit backside bus 

• integrated floating-point unit and 64K level 1 on-chip cache (32K data and 32K 
instruction) 

• 66-MHz system bus 

• 64 MB or 1 28 MB of SDRAM 

• 64-bit memory bus 

• 10/100 Basel 

• UW SCSI hard disk 

• 1 28-bit 2D/3D graphics accelerator, 6 MB SGRAM 

• three PCI expansion slots compatible with PCI 2.1 -compliant cards 

• two high-speed DMA serial (RS-232/RS-422) ports compatible 

These significant hardware improvements for the typical Macintosh will result in 
noticeable improvements to the end user. Compare these specifications with the Model 
6500 (603e at 250 or 275 MHz, 32K internal cache, 256 or 51 2K L2) with a 50 MHz 
system bus or an older LC 630 (66 MHz) with a 33 MHz bus at 32 bits. 

There are no SPECmark ratings for Macintosh computers, and the MacBench ratings 
have no comparability to the WinBench numbers. Some Macintosh computers were 
rated in MIPS (millions of instructions per second) with an LC III rated at 6.3 MIPS and 
an LC 575 rated at 29 MIPS. MIPS is useful only when looking at the CPU performance. 

Caveat Emptor. Not all CPU benchmarks will yield identical metrics. It is quite possible 
to use CPUmark 32 , SPECfp95 and SPECint95, Norton Multimedia and SI32, and Intel’s 
Media and get different results. You will have to dig deeper to examine what the 
benchmark is actually testing. 




52 NETWORK DESIGN 



LAYERS AND COMPUTER PERFORMANCE 



Tools 



L — — 

Ziff-Davis 

SPEC 


"l!- ■. 

CPUmark32 

CPU95 


<httD://www.zdboD.com> 

<http://www.SDecbench.oro> 






L . : : 


f ' "V r f’ ^ 


^ s : : y . ; i 







Future trends: 

• Slot 2-based Pentium II (“Marlinespike”) with four dual in-line memory modules, 
the new 440GX chip set and up to 2 GB RAM 

• Colfax-based notebook with Pentium II, 440BX chip set, Rambus support, 2X 
AGP, 100 MHz bus and IEEE 1394 (due second half of 1999) 

• Merced (“Bigfoot") with two Merced processors, 4X AGP, modular I/O, 460GX 
chip set and Slot M interface (due fourth quarter, 1999) 

• Katmai-based Pentium II to include 440JX (“Camino”) (due second quarter, 
1999) 



MEMORY 

Computers have many types of memory. The user is faced with EDO, SDRAM, ECC, 
VRAM, WRAM... and the list goes on. For the majority of end-user computers, whatever 
comes with the computer or whatever the motherboard is designed for is adequate. 
Macintosh users seldom have the opportunity to choose the type of memory they 
purchase whereas most PC purchases require input. In early 1998, SDRAM was the 
normal type of memory in microcomputers. 

The amount of memory has a very large impact on a computer’s performance. NT is 
particularly sensitive to memory: the difference in performance between 32 MB and 64 
MB for a 200-MHz Pentium MMX is approximately 20 per cent and a 300-MHz Pentium 
II performs approximately 50 per cent better than 32 MB (PC Magazine, 

September 23, 1997). 



NETWORK INTERFACE CARD 

The network interface card (NIC) is the postal service that delivers mail from the “source” 
to the “destination." It never reads the “mail” but only delivers it. The network adapter is 
referred to as a “dumb” device because it never tries to read or make sense of any data 
in a packet. If it can not deliver the data, it will continue to retry until the software tells it 
to stop trying. 

The NIC has a maximum rate at which it can send and receive data. While a 10-Mbps 
NIC has a rated capacity of 10 million bits per second, a NIC has a rating of 
approximately 7.4 Mbps maximum (approximately 74 per cent). 



NETWORK DESIGN 



59 



LAYERS AND COMPUTER PERFORMANCE 53 



Metric 



The maximum capacity of a 10-MBps NIC is approximately 7.4 MBps and the maximum 
for a 100-MBps NIC is approximately 56 MBps (under special circumstances this can be 
higher). 

10BASE-T refers to 10 Mbps data rate, base band frequency, 100-metre lengths, and 
1 00-ohm UTP cable with RJ-45 connectors. 

Note; When multiple computers share a 1 0-Mbps Ethernet segment, the overall 
interactive traffic begins to degrade when total network traffic is above 3 Mbps; i.e. 
greater than 30 per cent. 

- . ^ 4 » i , 



Tip 




Standardize on 10/1C 


lO-Mbps NICs. 


i % Sf- ^ ^ ^ V. . / 10 S' ^ ^ ■ - ■ ; ■ N - ' -o'. ^ w 1- o 



The NIC delivers the data. Its data transfer rate depends on other subsystems in the 
computer — bus speed, data path width, disk/memory subsystem, and IP stack. The NIC 
is attached to the computer through various means (on the motherboard, in a PCI slot, 
etc.). For discussion, assume that the NIC is in a PCI slot. The clock speed of the bus 
and the number of bits it can receive determine how fast the NIC can deliver the data to 
the computer. Recall that older Macintosh computers like the LC630 had a bus speed of 
33 MHz. Most current computers have a bus speed of 66 MHz. 

The second variable in performance (getting data into computer memory) is the data 
path (32 bit, 64 bit, etc.). A bus receiving data 64 bits at a time will have a two-fold 
performance advantage over a bus receiving data at 32 bits at the same clock speed. A 
user will notice both bus speed and width of the data path when receiving a page at a 
browser. 



er|c 



54 network design 



LAYERS AND COMPUTER PERFORMANCE 




FIGURE 21 : FILE TRANSFER THROUGH A NIC 



Performance Monitor (NT) can be used to examine traffic to a NIC (Figure 21). In this 
case, 90 MB in 890 files of data were copied from a server to the local computer. The 
average for data received was 540,770 Bps (top line). The CPU was utilized at a peak 
of 45 per cent (centre line) and the average for bytes sent (mostly acknowledgements) 
was around 2 MBps (bottom line). 

Examination of the bytes received (top line) indicates that the rate of a file transfer varies 
considerably. Many small files result in slower overall transfer rates while large file 
transfers will have a smoother graph. 



BEST COPY AVAIUBLE 



61 



NETWORK DESIGN 



LAYERS AND COMPUTER PERFORMANCE 55 







FIGURE 22: FILE TRANSFER THROUGH NIC— NON-UW 



The transfer in Figure 21 was to a PCI-based UW SCSI disk drive. To illustrate the 
impact of the disk subsystem on NIC performance, the same 90 MB of data in 890 files 
was transferred to a computer that was identical in every respect except for the disk 
drive (Figure 22). The drive in the second test was to a PCI-based SCSI-2. Notice that 
CPU utilization was significantly higher (in the 50 per cent range). The CPU of a server 
with this drive subsystem would spend approximately half its time being interrupted and 
serving disk subsystem requests. It would likely peak for performance when there are 
very few additional tasks. 



r Tip 




i- - ■' - ~ - • • 

Servers with high I/O 


requirements require UW SCSI disk drives. 


[ . . .. i ^ .. U ,:;: 4,4- 0. -! > .-4 s ^ ^ i ^ ■ . , ■- » .,1 



What is actually going on in the Ethernet cable can be examined with a probe. RMON 
probes give a different look at the network during the 90-MB file transfer. The packet 
size trend (Figure 23) illustrates that the network attempts to utilize the largest packets 
possible. Again, realize that each packet received has a 64-byte acknowledgement 
packet. It is clear that the majority of packets are large as a file is being transferred. 




BEST COPYAVAILABLE 



o 

ERIC 



56 network design 



LAYERS AND COMPUTER PERFORMANCE 




FIGURE 23: PACKET SIZE TREND 



Figure 24 shows utilization and numbers of packets per second. Network utilization 
attained peaks of 50 per cent during, the transfer, with packet rates peaking at 
approximately 700 pps. RMON gives users the ability to examine the same file transfer 
from different points of view. 



BESTCOPYAVAILABLE 



G3, 



NETWORK DESIGN 



LAYERS AND COMPUTER PERFORMANCE 57 






FIGURE 24: UTILIZATION AND PACKET RATE 



A disk can have a great impact on the NIC performance during file transfers. To 
illustrate this in more detail, a single, file of 1 1 .4 MB was transferred four times. 
Performance Monitor was utilized to examine the NIC (Figure 25). The scales for each 
of the counters is different — there is a one thousand times difference between the bytes 
received and sent. This was done so that the lines could be visible on the graph. The 
packet per second scale is 0.01 . 

A single file has a “ramp-up” time of one to two seconds (the ascending curve), a 
relatively flat transfer rate of approximately eight seconds, and a “ramp-down” time of 
one to two seconds (the descending side of the curve). Each repetition yielded similar 
results. This example illustrates the actual transfer rates of the NIC-disk subsystem for a 
particular computer with a file size of 1 1 .4 MB. 



BEST COPY AVAILABLE 

G4 



58 network design 



LAYERS AND COMPUTER PERFORMANCE 




FIGURE 25: NIC-DISK TRANSFER RATES 



GREENING 



Although many students and staff are very ecologically aware, few seem to think of WAN 
bandwidth as a scarce resource. The following tips will help conserve bandwidth. 



Tips 

F'.' 

• Set “autoload images” off. Students like multimedia and visual presentation of 
information, but the pictures and animation require significant bandwidth due to their 
size. Not automatically loading these images will significantly reduce WAN traffic. 

• Tune the cache on the local drive. 

• Use a site-based cache server. 

• Download web pages in non-peak hours and store them in the school. 

• Minimize high bandwidth applications (real-time audio, two-way video, etc.). Use 
them only where they are needed. 

• Limit the number of sessions per browser. 

• Schedule WAN classes in the same way as the music room and gymnasiums. 

• If more than one school is using the sqme ISP, get a jurisdiction-level cache server. 

B5 



NETWORK DESIGN 



LAYERS AND COMPUTER PERFORMANCE 59 



Bb§ff}f^S)VA\/All Aloi rr 





HARD DISK SUBSYSTEM 



The hard disk plays a significant role in the performance of a computer. Every time a 
web page is accessed, a copy of the file is cached to the local hard disk. Again, many 
computer purchasers examine only the size of the disk drive (in GB) and seldom look at 
the components that actually make a difference in performance. 

These components include: 

• rotational speed (rpm) 

• access time (milliseconds) 

• seek time (milliseconds) 

• transfer rates (MBps) 

• mean time between failure (MTBF in hours) 

• warranty 

A 3-GB drive with a rotational speed of 5400 rpm (normal) will perform differently than 
the same-sized drive at 4500 rpm (low end) or 7200 rpm (high end). State of the art 
rotational speeds are 10,000 rpm. 



Buying Tip ” 

Typical consumer drives have rotational speeds of 5400 rpm. The minimum for servers 
should be 7200 rpm (and UW SCSI). 




Average seek time is the average time the hard disk takes to move its read/write heads 
over the platters to a requested track. Seek times tend to decrease as disk capacity 
increases (about eight to ten milliseconds). Average latency specifies the time the drive 
takes to spinlhe platters until the appropriate portions of the track are spinning under the 
heads. Average access time is the sum of average seek time and average latency. It 
typically represents the amount of time it takes a hard disk to locate data. 



Typicai Drives 



Average seek times typically are about eight to 1 0 milliseconds. 

Average latency times are typically about 4.5 milliseconds for disks greater than one 
GB. 

Average access times are typically about eight to 12 milliseconds. 



86 



o 

ERIC 



60 network design 



UYERS AND COMPUTER PERFORMANCE 



r ^ ; 

■ - ' 






Computer magazines 


. typically quote access times. 


1 —I " ^ if 1. > ^ ^ ^ ^ ^ ^ .l..i : . i. " ' ; ^ U t ^ ‘ i_J_ < ^ ' 



Transfer rates are the maximum rates at which the data can be transferred. Internal 
transferrate is the speed at which the drive can take information off the disk and into 
internal buffers, and external transfer rate is the speed at which the data is actually 
transferred to the computer. The transfer rate (MBps) gives an indication of the 
performance of a drive. A 1-MB picture transferred at 16.6 MBps would take 0.06 
seconds under the best conditions. Again, under “real conditions,” these are maximums. 

Disk drive performance is seldom an issue unless a school is considering servers or is a 
high-end user. Cache servers, library servers, etc., require a significant amount of disk 
I/O. 

There are a number of disk drive performance metrics available (Table 12). 

• Adaptec’s ThreadMark 2.0 < http://www.adaptec.com > 

• Ziff-Davis’s SpeedRate < http://www.zdnet.com/zdhelp/dl > 

< help/speedrate/speedhelp.html > 

SpeedRate gives three metrics — processor, disk, and graphics. A 120-MHz Compaq 
Deskpro (Column 2) yields a processor score of 357 while a Dell Pentium II 233 (Column 
6) yields a score of 864 (2.4 times faster). The Compaq 120 had a mechanically slow 
drive and yielded a disk score of ninety. This metric confirmed a suspicion that there 
was a slow drive in the computer that warranted further investigation. As it turned out, 
this particular batch of computers had slow drives (about 4500 rpm). The result was 
tightening of specifications for computer purchases. 

Often, more than one tool is required to uncover drive-related performance problems. 
Adaptec’s ThreadMark exercises disk drives with various-sized I/O loads and monitors 
CPU utilization at the same time. Two identical Pentium II 266s were tested, one with an 
EIDE drive (Column 7) and one with UW SCSI (Column 8). While their SpeedRate CPU 
metrics were not that dissimilar (233 and 254), the data transfer rates were substantially 
different (3.41 MBps and 5.92 MBps). The amount of time the CPU required for the 
tests was very different as well (70 per cent and 1 1 per cent). In other words, the EIDE- 
based computer spent 70 per cent of the CPU time servicing the disk I/O requests 
compared to 1 1 per cent for the UW. It is easy to see from this test why any server- 
based application requires a UW drive. 




NETWORK DESIGN 



LAYERS AND COMPUTER PERFORMANCE 61 



Columni 


Column 2 


Column 3 


Column 4 


Column 5 


Column 6 


Column 7 


Column 8 




Pentium 


Pentium 

OD 


Pentium 

Pro 


Pentium 

Pro 


Pentium 

II 


Pentium 

II 


Pentium 

II 


MHz 


120 


133 


200 


180 


233 


266 


266 


Speed Rate 
















Processor 


357 


297 


806 


811 


864 


983 


994 


Disk 


90 


164 


232 


410 


269 


233 


254 


Graphics 


332 




418 


277 


537 


951 


1143 


Threadmark 2.0 
















Data Transfer 
Rate in MBps 


1.93 


3.23 


2.51 


5.22 


5.20 


3.41 


5.92 


Average CPU 


37.05% 


40.64% 


55.18% 


12.90% 


10.16% 


70.27% 


1 1 .34% 



TABLE 12: DISK SPEED METRICS 



Tips n 

• According to Microsoft (< www.microsoft.com/hwdev/devdes/idedma.htm >). typical 
computers use 40 per cent CPU doing hard-drive transfers in PIO mode and 25 per 
cent in DMA mode. There is a fix for Windows 95. 

• UDMA drives promise burst speeds of 33 MBps. Only computers with the TX 
chipset or LX chipset from Intel can make use of the increased speed. The other 
chipsets will run in PIO Mode 4 (ATA-2). Win98 will support UDMA, and Windows 
NT Workstation will require an upgrade to ATAPl.SYS to utilize it. 



The web provides extensive information about manufacturer and model numbers for disk 
drives (Table 13). Data on track/inch and other metrics are readily available at the 
various sites. 



er|c 



62 network design 



LAYERS AND COMPUTER PERFORMANCE 



Manufacturer 


Quantum 


Western 

Digital 


Quantum 


Quantum 


Seagate 


Model 


Bigfoot TX 


AC22100 


Atlas II 


Viking II 


Cheeta 9 


Formatted Capacity (MB) 


4018 


2111.8 


4550 


9100 


9100 


Interface 


Ultra 

DMA/33 


EIDE 


UltraSCSI-3 


Ultra LVD 


Ultra 2 
SCSI 


Seek Time (ms) 












• Average (read) 


<12 


<12 


8 


7.5 


5.7 


• T rack-to-T rack 


2.5 


3 


1 


0.9 


0.8 


• Full Stroke 


24 


22 


<18 


<=15 




Average Rotational Latency 
(ms) 


7.5 


5.76 


4.17 


4.17 


2.9 


Rotational Speed (rpm) 


4000 


5200 


7200 


7200 


10,025 


Maximum Areal Density (MB 
per sguare inch) 






659 


1340 




Buffer Size (KB) 


128 


128 


512 


512 


1024 


Internal Data Rate (MB/s) 


142 


53-1 04 


121 


98-170 


122-177 


Internal Formatted Transfer 
Rate (MB/S) 










14.5-23 


Transfer Rate - Host (MB/s) 


33.3 


33.3 


40 


80 


80 


MTBF (hours) 




300,000 






1,000,000 


Warranty (years) 




3 


5 






Source 


http://www. 
quantum. CO 
m/products/ 
hdd/biafoot 
tx/o bio s 


httD://www. 
wdc.com/pr 
oducts/drive 
s/drive- 
specs/ AC22 


httD://www. 
ouantum.co 
m/products/ 
hdd/atlas 11/ 
0 at SD.ht 


http://www. 
ouantum.co 
m/products/ 
hdd/vikino 1 
I/O vko2 kv 


httD://www.s 

eaoate.com 

/disc/cheeta 

h/cheetah.s 

html 


p.html 


100.html 


ml 


.html 





TABLE 13: SAMPLE DISK DRIVE SPECIFICATIONS 



The Ziff-Davis Winstone and WinBench benchmarks are for business and high-end 
users. Business Winstone98 uses nine applications — Netscape Navigator, Microsoft 
Word 97, PowerPoint 97, Excel 97, Access 97, Lotus 97, Corel WordPerfect 7, Quattro 
Pro 7, and CorelDRAW 7. These are the applications most likely to be found on a newer 
computer in K-12 education. The high end (NT only) uses include Adobe Photoshop 

4.01, Premiere 4.2, Microsoft FrontPage97, Visual C++5.0, MicroStation 95, PV-Wave 

6.1 , and AVS/Express 3.1 . 

One of the WinStone categories, business task switching, tests how well a system 
performs when switching between applications such as Word and Excel. 

69 



NETWORK DESIGN 



LAYERS AND COMPUTER PERFORMANCE 63 



The WinBench suite tests five major subsystems— processor/RAM, graphics, disk, CD- 
ROM, and full-motion video. The 3D suite tests performance and rendering quality for 
3D graphics. 

Tests were conducted on various computers. The results for the researcher’s Pentium II 
(266) appear in Table 14. The drive tested was a Quantum XP39100W. The two major 
scores gave the overall transfer rate for the business test at 1360 KBps and a high-end 
transfer rate of 3380 KBps. 



Benchmark 


Result 


Notes 


WinBench 98/Business Disk WinMark 98 (thousand bytes/second) 


1360 





WinBench 98/High-End Disk WinMark 98 (thousand bytes/second) 


3380 


:J7T5 


Benchmark 


Result 


Notes 


WinBench 98/Disk Playback/Bus:Browsers (thousand bytes/second) 


2110 




WinBench 98/Disk Playback/Bus:Overall (thousand bytes/second) 


1360 





WinBench 98/Disk Playback/Bus:Publishing (thousand bytes/second) 


1580 




WinBench 98/Disk Playback/Bus:SS/Database (thousand bytes/second) 


949 




WinBench 98/Disk Playback/Bus :Task Switching (thousand bytes/second) 


1640 




WinBench 98/Disk Playback/Bus:WP (thousand bytes/second) 


1620 




WinBench 98/Disk Playback/HE:AVS/Express 3.1 (thousand bytes/second) 


2500 




WinBench 98/Disk Playback/HE:FrontPage 97 (thousand bytes/second) 


2360 




WinBench 98/Disk Playback/HE:MicroStation 95 (thousand bytes/second) 


6650 




WinBench 98/Disk Playback/HE:Overall (thousand bytes/second) 


3380 




WinBench 98/Disk Playback/HE:Photoshop 4.0 (thousand bytes/second) 


2500 




WinBench 98/Disk Playback/HEiPremiere 4.2 (thousand bytes/second) 


4400 




WinBench 98/Disk Playback/HE:PV-Wave 6.1 (thousand bytes/second) 


2830 




WinBench 98/Disk Playback/HE:Visual C++ 5.0 (thousand bytes/second) 


8510 




WinBench 98/Disk/Read CPU Utilization (per cent used) 


5.9 


y,4,b,iu,n — 


WinBench 98/Disk/Read Random Access :Average Seek Time (milliseconds) 


10.5 


37r5 


WinBench 98/Disk/Read Transfer Rate:Beginning (thousand bytes/second) 


9630 


37TB 


WinBench 98/Disk/Read Transfer Rate:End (thousand bytes/second) 


8920 





TABLE 14: WINBENCH98 DISK RESULTS 



Notes: 

3. The playback directory was c:\~wbdtmp. 

4. Common test settings: Disk Drive = c:\ CDROM Drive = e:\ Report CPU Utilization = No. 

5. The following Windows tasks were running during this test and could affect the test results: 
comsmd.exe, LexStart.Exe, mgactrl.exe, MGAHOOK.EXE, MGAQDESK.EXE, mgasc.exe, 
netMedic.exe, OSA.EXE, pstores.exe, REALPLAY.EXE, smartagt.exe, snmp.exe, syshook.exe. 

10. The block size used was 32,768 bytes. 

1 1 . The transfer rate achieved was 9488 thousand bytes per second. 







BEST COPY AVAILABLE 



64 network design 



LAYERS AND COMPUTER PERFORMANCE 



The overall score results are a composite of various subtests. Notice the bus browser 
gave a score of 2110; word processing, 1620; and video editing, 4400. These numbers 
indicate transfer rates for particular application software and can be matched to the 
applications required for the computer. Notice that the overall CPU was 5.9 per cent 
whereas the disk-intensive ThreadMark yielded 1 1 per cent. 







r 

. ...A 

Use benchmarks, anc 
people to quantify var 
towards a science. R 
be tailored to maximi: 

i : z: :; . . : y ■ 


1 ask for them when dealing with vendors and colleagues. It forces I 
Tables and moves computing capacity planning from a “black art” 
lealize that some benchmarks that do not publish source code may 
!:e features. 

•' i TP" \ ■■ ■■ **_ *_ :• ; * .. J. ’ ’-L. ' ' 



On a recent price list acquired for this report, five 4.5-GB UW SCSI drives were 
examined. The prices for these drives ranged from a low of $624 to a high of $959, for a 
difference of $335. All the drives were “4.5-GB UW” drives. Having more detailed 
specifications would permit the rational matching of disk drives to the purpose for which 
they are intended. “Let the buyer beware. ” 



r"'" ■ , >■ ' 




1 ^ 

The manufacturer an( 
specifications on the i 

Seagate: 

Quantum: 

Western Digital: 

IBM: 

I ^ ' 


h model number of a drive can be used to locate drive 
manufacturer's web site. The most common drive sites are: 

< htto ://www. seao ate . com/> 

<httD://www.auantum.com/> 

<htto://www.wdc.com/> 

<httD://www.storaae.ibm.com.:80/storaae/hardsoft/diskdrdl.htm> 



Drive technology continues to evolve. At the trme of this writing, Ultra-2 SCSI drives 
were beginning to appear. (So were fibre channel, but this is not an issue for most 
school locations.) Ultra-2 SCSI or SCSI3 drives double the bus bandwidth from 40 
MBps to 80 MBps and illustrate the move to more “intelligent” subsystems. As with 
graphics, the disk subsystem is moving towards reducing the load on the CPU and bus. 

Those who need to buy “the newest and best” should look up the specifications and ask 
the vendor for the disk tests in the WinBench suite. Just because it is possible to deliver 
up to 80 MBps does not mean it will on the computer someone installs it on. 



er|c 



NETWORK DESIGN 



LAYERS AND COMPUTER PERFORMANCE 65 



Tips 



• Do not put a fast, state-of-the-art drive in a computer that has a slow controller or 
bus. 

• 7200 and 1 0,000-rpm drives generate more heat. Ensure case ventilation. 

• By installing drives with lower specifications, vendors can increase profit margins 
when only size is specified. Ask for model numbers and performance benchmarks. 

• A sustained data rate of 3.5 MBps is adequate for many typical users. 

• Multimedia requires a sustained data rate of greater than 5 MBps. The higher the ; 

better. - 

• An additional source of information on disk drives is advertisements in the back of ; 
computer magazines. Companies that specialize in selling disk drives will list the 
manufacturer, model, rotational speeds, and prices in $US. 

• CD-ROM speeds require more than spin rate. Look at more detailed questions such 
as transfer rates. 

• Performance is often reduced because the data on a disk drive becomes 

fragmented. The regular defragmentation of disk drives significantly changes their 
performance. :: 



FireWire (IEEE 1394) has burst throughputs between 100 and 400 Mbps and will be 
used to directly move video from a digital video camera to a drive. This interface permits 
downloading of large amounts of digital video directly to the computer for editing. By 
eliminating data conversion, it permits “lossless” non-linear editing. There are shipping 
products with FireWire adapters, both in the video world and microcomputer world. 



FIREWIRE VERSUS USB— TWO SEPARATE PURPOSES 



1394/FireWire USB 

Maximum Devices 62 127 

Data T ransfer Rate 200 Mbps 1 2 Mbps 

(25 MB/S) (1 .5 MB/S) 

Macintosh Yes No 



The future 1 394 will include 400 Mbps, 800 Mbps, and 1 Gbps whereas USB is not 
designed to change. 

Peripherals of 1394 will be disk drives, DV camcorders, HDTV, set top boxes, high- 
resolution digital cameras, etc. Peripherals of USB will be keyboards, mice, monitors, 
joysticks, speakers, etc. 




66 NETWORK DESIGN 



LAYERS AND COMPUTER PERFORMANCE 



Tip 


1 


^ ^ ^ ^ J 



DV capture from a 1 394-enabled camcorder to a computer requires a sustained data 
transfer rate of 3.6 MB per second or more. A hard disk that is not fast enough to 
capture data at this rate will drop frames. IDE drives are not fast enough so a SCSI 
drive will be required. 

^ ^ s ^ ^ ^ i : ' r ’ ■■■■■■■■■■■■■■■■ y vv ^ ^ ^ ^ g- ^ j ^ ^ ^ ^ V ^ ^ ... ; 



CASE ANALYSIS: CD SERVER ON HD 

Grande Yellowhead Regional Division No. 35 has demonstrated the use of a “switched 
to the desktop” coupled with common CDs such as Encarta on a server with UW SCSI 
drives. Schools in the division have a cache server on site. Students can access 
information from the faster hard drives instead of the CD. This excellent design makes 
common services available throughout the school. In elementary settings, it also can 
significantly reduce the Internet traffic requirement since more of the data resides in the 
school. 



GRAPHICS SUBSYSTEM 

The graphics subsystem in computing is changing very quickly and will likely continue to 
do so. The graphic subsystem consists of the graphics card (may be a card in a slot or 
on the motherboard) and the monitor attached to the computer. 

Most monitors have physical metrics which include screen size (15, 17, 19, 21 inches), 
pixel size (0.25-0.28 mm), refresh rates (60-100 Hz), etc. Schools purchasing 
computers need to ask questions about more than screen size. A 17-inch monitor that is 
specified to display a maximum of 1024 X 768 pixels is a different price than one that is 
specified to display 1280 X 1 024. To be “flicker free,” the vertical refresh rate (the 
number of times per second the screen is redrawn) needs to be 85 Hz or better. 

Screens that deliver 1024 X 768 at 60 Hz will exhibit flicker and often cause eyestrain. 
Since the screen is the major component for the user, specify more than just screen 
size. 



Tips : 

I - . . - . v. 

• While the monitor currently is attached via a special cable, new monitors (and 
speakers) will make use of the USB port coming with the newer motherboards. This 
is an important trend to keep in mind when purchasing equipment. Consider 
monitors that have a USB option. 

• If the graphics card can display 1600 X 1200 and the monitor 1024 X 768, then all 
the user will ever see is 1024 X 768. Monitors of lower standards can be attached to 
higher-end graphics cards, but will be able to display only to their own specifications. 

• USB has a burst throughput of 12 Mbps. 

• Always specify requirements in size of screen, pixel depth, and refresh rates. For 
example, 1 7 inch — 1 024 X 768 at 24 bit and 85 Hz. 

• Screen size is important. A 19-inch screen is not just two inches larger than a 17- 
inch screen. It has 28 per cent more viewing area. 

I ' . - 



NETWORK DESIGN 



73 



LAYERS AND COMPUTER PERFORMANCE 67 



Since graphics cards are changing rapidly, this report deals with only a subset of the 
issues. The amount of graphics memory can be derived easily (Table 15), depending on 
requirements. For flexibility, the graphics card should be able to add memory as 
requirements change. 



Resolution 


16 colour 
4 bit 
MB 


256 coiour 
8 bit 
MB 


65,000 
coiour 
16 bit 
MB 


16.7 M 
24 bit 
MB 


640 X 480 


0.5 


0.5 


1 


2 


800 X 600 


0.5 


1 


2 


2 


1024X768 


1 


1 


2 


2 


1280 X 1024 


1 


2 


4 


4 


1600 X 1200 


2 


2 


4 


8 


1800 X 1440 


2 


4 


8 


8 



TABLE 15: GRAPHIC RAM REQUIREMENTS 



Graphic performance, which is more difficult to quantify, is perhaps the most rapidly 
changing subsystem in a computer. Assuming a PCI bus card, the CPU must take its 
graphic output from memory and send it to the graphics card via the PCI bus. The 
graphics card then converts the digital information back to analog and sends this to the 
monitor, which in turn displays the information on the screen. Moving a window on the 
screen therefore becomes a CPU-intensive task. 

In moving identical windows on a variety of computers — a Pentium II with a good 
graphics card, a PentiumPro, a Pentium with and without MMX, an older Macintosh like 
an LC575, and a new G3-based Macintosh — ^the impact of limiting factors of CPU clock 
speed, bus speed, bus data path, etc., will quickly become obvious. 

New graphics cards are now on the market and new 3D graphics cards are becoming 
more common. A comparison of three graphics cards (Table 16) illustrates the 
increased complexity of graphics subsystems and the lack of easily obtained detailed 
information. 




ERIC 



68 network design 



LAYERS AND COMPUTER PERFORMANCE 




Graphics Cards 


Millenium II 


GLoria-L 3D 


Fire GL 4000 


Acceleration 


2D GUI, 250 MHz 
RAMDAC 


IBM RGB526DB 
200 MHz 


Tl TVP3026 220 
MHz 


2D3D Controller 






Evans and 
Sutherland 3DPro 


VGA Controller 






Cirrus 5446 


Memory 


WRAM 


VRAM 


3DRAM, 






DRAM 


CDRAM 


Controller 


MGA2164W 






Bus Type 


PCI 






RAMDAC MHz 


250 






Maximum Memory MB 


16 




16 


Memory Speed 


50 ns 


60 ns VRAM, 50ns 
DRAM (GLINT) 


10 ns 3DRAM, 15 
ns CDRAM (3DPro) 


Data Path 


64-bit 


64-bit 


64-bit 


Controller Clock Speed MHz 


66 


50 


70 


Maximum Vertical Refresh Rate 
Hz 


200 


200 


120 


Maximum Horizontal Scan Rate 
KHz 


114 






Maximum Pixel Rate MHz 


250 


200 


200 


Random 1 0-Pixel Solid Lines 
(K/s) 


310 


1250 


6000 


Filled 25-Pixel T dangles (K/s) 


140 


500 


2000 



TABLE 16: COMPARISON OF NEWER GRAPHICS CARDS 




The WinBench98 suite attempts to quantify graphic performance and therefore give the 
user a few metrics to use instead of a longer list of detailed parameters. These include 
the WinBench98/Business Graphics WinMark98 and WinBench98/High-End Graphics 
WinMark98. 

A recent significant development in graphics is the accelerated graphics port (AGP) first 
implemented with the Intel 440LX chipset. Recognizing that the PCI was getting 
congested by ever-increasing graphics traffic, Intel decided to move the graphics traffic 
to a dedicated point-to-point channel between the graphics controller and the system 
chip set. AGP frees up the PCI bus for other tasks such as I/O to the disk and network. 



The 66-MHz PCI bus has a capacity of 1 33 MBps. AGP-2x will deliver 533 MBps and 
AGP-4X (1999) will deliver greater than one GBps. This greatly increased graphics 



ERIC 



NETWORK DESIGN 



75 



LAYERS AND COMPUTER PERFORMANCE 69 



transfer rate is starting to be matched by faster graphics engines on the AGP graphics 
cards. 

For more information on AGP: < http://www.intel.com/technolOQv/agp/ > 

One of the “hot” new graphics engines is the RIVA128 chip from nVidea rated at five 
giga floating points operations per second (GFLOPS) floating point setup engine and 
fifteen billion operations per second (BOPS) integer pixel engine. Another metric is five 
million triangles per second and 100 million pixels per second. There is not much point 
in having AGP without a faster graphics processor. 

AGP will be supported in NT 5.0 and Windows98. It appears that there are no 
equivalent developments similar to AGP in the Macintosh environment. 

In April 1998, computers with the Intel BX chipset began shipping'. This chipset, which 
supports a bus speed of 100 MHz, will have a significant impact on performance, 
particularly for high traffic areas such as servers. 



Tip 



1 ■ ' 


quire the capacity of AGP-type developments except for high-end 
reality (VRML). (VRML simulations will increasingly become 
1 .) Flexibility is the issue for education users. If it is anticipated that 
^RML will be a reality in the life of the computer (three to seven 
/ be worth looking at. 


Most users will not re 
applications or virtual 
available in education 
applications such as ' 
years), then AGP ma; 


■ . ■ ■ . ^ - > — ■ ^ ^ ^ - - ^ i : ^ v ; . ^ . 



O 

ERIC 



Useful Sites T ^ ^ 

I' -* *'- 

Some common graphic sites: 

Matrox < http://www.matrox.com/ > 

S3 < http://www.s3.com/ > 

Cirrus Logic < http://www.cirrus.com/ > 

ATI < http://www.atitech.com/ > 

NVidea < http://www.nvidia.com/products/frames overview.html > 



MOTHERBOARDS 



The school micro is no longer a stand-alone entity. Since support is part of the long- 
term cost of ownership, the following specifications should be required in any new 
computer: 

• DMI 2.0 compliance. “Compliant” is different from “compatible.” DMI permits 
remote monitoring as well as inventory of system components. 



76 



70 network design 



LAYERS AND COMPUTER PERFORMANCE 



• 32-bit service layer. If a network management package (e.g., HP's OpenView) is 
to be managed remotely, there must be a 32-bit service layer that arbitrates 
access and manages the PC's MIF database (should come with DMI 2.0). 

• MIF browser. A management information file browser allows queries for 
hardware and software information. Many MIF browsers are proprietary, but 
there are some emerging standards. 

• Wake on LAN. A newly emerging capability will permit network administrators to 
remotely “power up” a computer and update files, monitor assets and inventory. 

Alberta Education has asked jurisdictions for computer inventory reports in the past. 
Maintaining current inventory lists are a chronic problem since computers are moved, 
new ones acquired, different versions of software are installed, and so on. Couple this 
with recent changes to Canadian copyright law, and maintaining inventory becomes a 
significant management issue for schools and jurisdictions. "Wake on LAN" and DMI are 
some of the technologies that will ease the burden of keeping inventory by making it 
interactive. 



Network Tool 

.I. .. 






l ' - “ • 

LANDesk Manageme 
hardware/software m 
LANDesk, designed t 
NT, Macintosh, and C 

L'- ^ ^ 


int (LDMS) from Intel is one of an emerging set of tools for 
etering, remote control, software distribution, and virus scanning. 

0 run on NT Server, supports Windows 3.x, Windows 95, Windows 
)S/2 clients. 



Software can be sent to client PCs via push (sends an update at log-on or at a 
scheduled time), forced push (user can not cancel update), and pull (user requests 
software from server). These features are useful when new versions of software (e.g.. 
Excel) are to be installed. Automating this process will make support easier. 

Providing cost justification for some of this newer technology becomes easier when the 
long-term cost of ownership is used. Assume it takes a technician one hour plus travel 
to install a software upgrade (for illustration, assume $30 per hour). Experience 
indicates that each software package is upgraded every one to two years (assume two 
years). If there are typically three to five applications running on each computer 
(assume five), there would be estimated costs of $150 per computer (five applications at 
$30 each) every two years, or $75 per year. If a computer is used for five years, the 
software update costs are $375. Ignoring personnel limitations (a significant issue for 
most school jurisdictions), any software package that would reduce costs by $375 per 
computer over five years would be a cost-effective solution. 




NETWORK DESIGN 



LAYERS AND COMPUTER PERFORMANCE 71 



Holistic Costs 




L i 

“Long-term or total cc 
must be considered ii 
purchases often are i 
This accounting realit 

i.- ■' - '"""T 


ist of ownership” is a key mindset for schools and jurisdictions that 
T planning for computer purchases. Unfortunately, capital 
n decentralized school budgets and support costs in other budgets, 
y inhibits true cost minimization. 



LAYERS AND COMPUTER PERFORMANCE SUMMARY 

For most computer purchases, lowest price and fastest clock are the major criteria. 
Computers are compared on the basis of little more than, “Both have 4.5-GB drives." 
Little thought is given to performance, transfer rates, and so on. Sometimes a faster 
CPU with a slower drive will actually perform at a lower level than one with a faster drive. 
A motherboard with the graphics chip attached will be more inexpensive than one with it 
on a card. 

What is given up is flexibility. If a school purchases computers with graphics on the 
motherboard at 800 X 600 pixels or 1024 X 768 pixels, these can not be upgraded later 
to higher levels such as 1280 X 1024 when the school wants to have more on the 
screen. To illustrate this point, think about the new multimedia world that students are 
moving into with MPEG video and DVD. Since schools often have to keep computer 
equipment for many years, flexibility of upgrades should be an important criterion along 
with price and clock speed. 



Forecast 




r’.'^ " ' ■ "* 




Students will increasi 
subsystems — in the c 


ngly use multimedia — which impacts both graphics and disk 
ilassroom. 


I ■ ^ '' "... .V ) , .. .-J. 4 , . , . < ^ ^ ^ ■ ' - ' ■ _ _ ‘ ' • "■ 



Schools can use various tools and metrics to quantify CPU speeds, disk performance, 
network interface performance, and so on in order to quantify purchasing decisions, and 
provide networks that perform better and retain longer-term flexibility. 



er|c 



72 network design 



LAYERS AND COMPUTER PERFORMANCE 



SUMMARY 



In future, even a small school is likely to have many servers in a quite complex 
environment. However, many schools do not have the time, staff, or expertise to support 
the emerging technology. Site-based decision making often has resulted in decisions for 
technology and support decentralized to the school that will likely be inappropriate in the 
near-term future. While this approach gives schools flexibility, it often does not address 
equity and causes short-term technology decisions. 



Suggested Strategies ' 




• Network LANs and WAN 

• All computer and networl 
jurisdictions. 


should be the responsibility of the school jurisdiction, 
k purchases should be co-ordinated centrally within 



From a user's point of view, performance includes the various subsystems, LAN devices, 
and WAN connections. It is an end-to-end issue. For adequate long-term performance, 
the overall architecture must include all aspects of the network. 



f 



79 



NETWORK DESIGN 



SUMMARY 73 



GLOSSARY OF TERMS 



The source for this glossary is the site PCWebopedia < http://www.pcwebopedia.com > 
Some of the entries have been adapted for the purpose of this document. 



ACK Packet 


Each time a data packet is received on the network an acknowledgment 
packet is sent back to verify that the packet was received. 


AGP 


Short for Accelerated Graphics Port, a new interface specification developed 
by Intel Corporation. AGP is based on PCI, but is designed especially for the 
throughput demands of 3-D graphics. Various levels of data transfer rates are 
offered: 1X is 266 MBps, 2X is 533 MBps; and 4X provides 1 .07 GBps. 


ANSI 


Acronym for the American National Standards Institute. Founded in 1918, 
ANSI is a voluntary organization composed of over 1300 members (including 
all the large computer companies) that creates standards for the computer 
industry. 


ATA 


Short for Advanced Technology Attachment, a disk drive implementation that 
integrates the controller on the disk drive itself. 


Average Access 
Time 


The sum of the Average Seek Time and Average Latency. It typically 
represents the amount of time it takes for a drive to locate data. 


Average Latency 


The time the drive takes to spin the platters until the appropriate portions of the 
tracks are spinning under the heads. 


Average Seek Time 


The average time it takes for a drive’s read/write head to move over the 
platters to a requested track. Seek times tend to decrease as disk capacity 
increases. 


Backbone 


Another term for bus, the main wire that connects nodes (computers or 
devices on a network). The term is often used to describe the main network 
connections composing the Internet. 


Bandwidth 


The amount of data that can be transmitted in a fixed amount of time. For 
digital devices, the bandwidth is usually expressed in bits per second (bps) or 
bytes per second (Bps). For analog devices, the bandwidth is expressed in 
cycles per second, or Hertz (Hz). 


Bus 


In networking, a bus is a central cable that connects all devices on a local area 
network. It also is called the backbone. 


Cache 


Pronounced cash, a special high-speed storage mechanism. It can be either a 
reserved section of main memory or an independent high-speed storage 
device. 


Centrex 


Short for central office exchange service, a new type of PBX service in which 
switching occurs at a local telephone station instead of at the company 
premises. Typically, the telephone company owns and manages all the 
communications equipment necessary to implement the PBX and then sells 
various services to the company. 

80 


NETWORK DESIGN 


GLOSSARY OF TERMS 75 



Controller 


A device that controls the transfer of data from a computer to a device and vice 
versa. For example, disk drives, display screens, keyboards, and printers all 
require controllers. 


CPU 


Short for Central Processing Unit. The CPU is simply the brain of the 
computer. 


CSMA/CD 


Short for Carrier Sense Multiple Access/Collision Detection, a set of rules 
determining how network devices respond when two devices attempt to use a 
data channel simultaneously (called a collision). Standard Ethernet networks 
use CSMA/CD. This standard enables devices to detect a collision. After 
detecting a collision, a device waits a random delay time and then attempts to 
retransmit the message. 


Data Transfer Rates 


The speed with which data can be transmitted from one device to another. 
Data rates are often measured in megabits (million bits) or megabytes (million 
bytes) per second. These are usually abbreviated as Mbps and MBps, 
respectively. 


DMA 


Abbreviation of Direct Memory Access, a technique for transferring data from 
main memory to a device without passing it through the CPU. Computers that- 
have DMA channels can transfer data to and from devices much more quickly 
than computers without a DMA channel can. This is useful for making quick 
backups and for real-time applications. 


DNS 


Short for Domain Name System (or Service), an Internet service that translates 
domain names into IP addresses. Because domain names are alphabetic, 
they are easier to remember. The Internet however, is really based on IP 
addresses. Every time you use a domain name, therefore, a DNS service 
must translate the name into the corresponding IP address. For example, the 
domain name www.example.com might translate to 198.105.232.4. 


Domain Name 


A name that identifies one or more IP addresses. For example, the domain 
name microsoft.com represents about a dozen IP addresses. 


DRAM 


Pronounced dee-ram, DRAM stands for Dynamic RAM, a type of memory 
used in most personal computers. 


DV 


Short for Digital Video. Refers to the capturing, manipulation and storage of 
video in digital formats. 


ECC 


Short for Error-Correcting Code memory, a type of memory that includes 
special circuitry for testing the accuracy of data as it passes in and out of 
memory. 


EDO RAM 


Short for Extended Data Output DRAM, a type of DRAM that is faster than 
conventional DRAM. 


EIA 


Short for Electronic Industries Association. A trade association representing 
the U.S. high technology community. It began in 1 924 as the Radio 
Manufacturers Association. The EIA sponsors a number of activities on behalf 
of its members, including conferences and trade shows. 




81 



76 network design 



GLOSSARY OF TERMS 



EIDE 



EIDE 


Short for Enhanced IDE, a newer version of the IDE mass storage device 
interface standard developed by Western Digital Corporation. EIDE is 
sometimes referred to as Fast ATA or Fast IDE, which is essentially the same 
standard, developed and promoted by Seagate Technologies. It also is 
sometimes called ATA-2. 


Ethernet 


A local area network (LAN) protocol developed by Xerox Corporation in co- 
operation with DEC (Digital Equipment Corporation) and Intel in 1976. It is one 
of the most widely implemented LAN standards. A newer version of Ethernet, 
called 100Base-T (or Fast Ethernet), supports data transfer rates of 100 Mbps 
(Megabits per second); and the newest version. Gigabit Ethernet supports data 
rates of one gigabit (1 000 megabits) per second. 


Filters (Packet 
Filtering) 


Controlling access to a network by analyzing the incoming and outgoing 
packets and letting them pass or halting them based on the IP addresses of 
the source and destination. Packet filtering is one technique, among many, for 
implementing security firewalls. 


Firewall 


A system designed to prevent unauthorized access to or from a private 
network. Firewalls can be implemented in both hardware and software, or a 
combination of both. Firewalls frequently are used to prevent unauthorized 
Internet users from accessing private networks connected to the Internet, 
especially intranets. All messages entering or leaving the Intranet pass 
through the firewall, which examines each message and blocks those that do 
not meet the specified security criteria. 


Firewire (IEEE 1394) 


A new, very fast external bus standard that supports data transfer rates of up 
to 400 Mbps (400 million bits per second). 1394 is ideal for devices that need 
to transfer high levels of data in real time, such as video devices. The main 
difference between 1394 and USB (Universal Serial Bus) is that 1394 supports 
faster data transfer rates and is more expensive. 


FTP 


Abbreviation of File Transfer Protocol, the protocol used on the Internet for 
sending files. 


Gbps 


Short for Gigabits per second, a data transfer speed measurement for high- 
speed networks such as Gigabit Ethernet. When used to describe data 
transfer rates, a gigabit equals 1,000,000,000 bits. 


Handshaking 


The establishment of a two-way communication process that ensures each 
packet is received. 


Head 


The mechanism that reads data from or writes data to a magnetic disk or tape. 
The head is sometimes called a read/write head. Double-sided floppy disk 
drives have two heads, one for each side of the disk. Hard disk drives have 
many heads, usually two for each platter. 


HDTV 


Short for High-Definition Television, a new type of television that provides 
much better resolution than current televisions based on the NTSC (National 
Television Standards Committee) standard. There are a number of competing 
HDTV standards, which is one reason that the new technology has not been 
widely implemented. All of the standards support a wider screen than NTSC 
and roughly twice the resolution. 




82 



NETWORK DESIGN 



GLOSSARY OF TERMS 77 



Hubs 



Hz 



IDE 



IEEE 



» IMAP 
I/O 



IP 



ISDN 



ISA 



ISP 



A common connection point for devices in a network. Hubs are commonly 
used to connect segments of a LAN. A hub contains multiple ports. When a 
packet arrives at one port, it is copied to the other ports so that all segments of 
the LAN can see all packets. 



Short for Hertz. This number represents the number of cycles per second. It 
often is used to measure screen refreshes. 



Short for Intelligent Drive Electronics or Integrated Drive Electronics, 
depending on whom you ask. An IDE interface is an interface for mass 
storage devices, in which the controller, a device that controls the transfer of 
data between one device and another, is integrated into the disk or CD-ROM 
drive. 



Abbreviation of Institute of Electrical and Electronics Engineers, pronounced I- 
triple-E. Founded in 1884, the IEEE is an organization composed of 
engineers, scientists, and students. The IEEE is best known for developing 
standards for the computer and electronics industry. In particular, the IEEE 
802 standards for local area networks are widely followed. 

Short for Internet Message Access Protocol, a protocol for retrieving e-mail 
messages. 



Short for Input/Output, and pronounced eye-oh. I/O refers to any operation, 
program, or device whose purpose is to enter data into a computer or to 
extract data from a computer. 



Abbreviation of Internet Protocol, pronounced as two separate letters. IP is 
something like the postal system. It allows you to address a package and drop 
it in the system, but there is no direct link between you and the recipient. 



Abbreviation of Integrated Services Digital Network, an international 
communications standard for sending voice, video, and data over digital 
telephone lines. ISDN requires special metal wires and supports data transfer 
rates of 64 Kbps (64,000 bits per second). Most ISDN lines offered by 
telephone companies give you two lines at once, called B channels. You can 
use one line for voice and the other for data, or you can use both lines for data 
to give you data rates of 1 28 Kbps, twice the data rate provided by today's 
fastest modems. 



Short for Industry Standard Architecture. The bus architecture used in the IBM 
PC/XT and PC/AT. It often is abbreviated as ISA (pronounced as separate 
letters or as eye-sa) bus. The AT version of the bus is called the AT bus and 
became a de facto industry standard. 

Short for Internet Service Provider, a company that provides access to the 
Internet. For a monthly fee, the service provider gives you a software 
package, username, password and access phone number. Equipped with a 
modem, you can then log on to the Internet and browse the World Wide Web 
and send and receive e-mail. 



er|c 



78 network design 



GLOSSARY OF TERMS 



KB 


Short for KiloByte. When used to describe data storage, KB usually 
represents 1024 bytes. When used to describe data transfer rates, KB 
represents 1000 bytes. 


Kbps 


Short for Kilobits per second, a measure of data transfer speed. Modems, for 
example, are rated in Kbps. Note that one Kbps is 1000 bits per second, 
whereas a KB (kilobyte) is 1024 bytes. Technically, kbps should be spelled 
with a lowercase k to indicate that it is decimal but almost everyone spells it 
with a capital K. 


LAN 


Short for Local Area Network. A computer network that spans a relatively 
small area. Most LANs are confined to a single building or group of buildings. 
Most LANs connect workstations and personal computers. Each node 
(individual computer) in a LAN has its own CPU with which it executes 
programs, but it also is able to access data and devices anywhere on the LAN. 
This means that many users can share expensive devices, such as laser 
printers, as well as data. Users also can use the LAN to communicate with 
each other, by sending e-mail or engaging in chat sessions. 


Local Bus 


A data bus that connects directly, or almost directly, to the microprocessor. 
Although local buses can support only a few devices, they provide very fast 
throughput. 


MAC Address 


Short for Media Access Control address, a hardware address that uniquely 
identifies each node of a network. 


MB 


Short for megabyte (1,000,000 or 1,048,576 bytes, depending on the context). 


Mbps/MBps 


See Data Transfer Rates. 


MHz 


Short for megahertz. One MHz represents one million cycles per second. 


MPEG 


Short for Moving Picture Experts Group, and pronounced m-peg, a working 
group of ISO. The term also refers to the family of digital video compression 
standards and file formats developed by the group. MPEG files can be 
decoded by special hardware or by software. 


NIC 


Short for Network Interface Card. Often abbreviated as NIC, an expansion 
board you insert into a computer so the computer can be connected to a 
network. Most NICs are designed for a particular type of network, protocol, 
and media, although some can serve multiple networks. 


NT 


Short for New Technology. Usually used in referring to Windows NT, the most 
advanced version of Microsoft’s Windows operating system. 


Packet 


A piece of a message transmitted over a packet-switching network. See under 
packet switching. One of the key features of a packet is that it contains the 
destination address in addition to the data. In IP networks, packets are often 
called datagrams. 




84 



NETWORK DESIGN 



GLOSSARY OF TE RMS 79 



Packet Switching 

PBX 

PCi 

Performance 

Monitor 

Piatter 

POP 

Proxy 

RAM 

Read/Write Head 
ReaiAudio 

RMON 

Router 

RPM 



Refers to protocols in which messages are divided into packets before they are 
sent. Each packet is then transmitted individually and can even follow different 
routes to its destination. Once all the packets forming a message arrive at the 
destination, they are recompiled into the original message. 

Short for Private Branch exchange, a private telephone network used within 
an enterprise. Users of the PBX share a certain number of outside lines for 
making telephone calls external to the PBX. 

Acronym for Peripheral Component Interconnect, a local bus standard 
developed by Intel Corporation. Most modern PCs include a PCI bus in 
addition to a more general ISA expansion bus. Many analysts, however, 
believe that PCI will eventually supplant ISA entirely. 

Performance Monitor is provided with Windows NT and allows the monitoring 
of Network Interface Cards for total traffic, disk utilization, and CPU utilization. 

A round magnetic plate that constitutes part of a hard disk. Hard disks 
typically contain up to a dozen platters. Most platters require two read/write 
heads, one for each side. 

Short for Post Office Protocol, a protocol used to retrieve e-mail from a mail 
sen/er. Most e-mail applications (sometimes called an e-mail client) use the 
POP protocol, although some can use the newer IMAP. 

A sen/er that sits between a client application, such as a Web browser, and a 
web server. It intercepts all requests to the web servers to see if it can fulfill 
the requests itself. If not, it forwards the request to the real server. 

Short for Random Access Memory. RAM is volatile, meaning that it loses its 
contents when the power is turned off. 

See Head. 

The de facto standard for streaming audio data over the World Wide Web. 
RealAudio was developed by RealNetworks and supports FM-stereo-quality 
sound. To hear a Web page that includes a RealAudio sound file, you need a 
RealAudio player or plug-in, a program that is freely available from a number 
of places. It is included in current versions of both Netscape Navigator and 
Microsoft Internet Explorer. 

Short for Remote MONitoring, a network management protocol that allows 
network information to be gathered at a single workstation. 

A device that connects two LANs. Routers are similar to bridges, but provide 
additional functionality, such as the ability to filter messages and forward them 
to different places based on various criteria. 

Short for Rotations Per Minute. Used when referring to hard disk drive units or 
CD-ROM drives. 






80 NETWORK DESIGN 



GLOSSARY OF TERMS 




SCSI 




SDRAM 

SMTP 



SNMP 



Subnet 



Abbreviation of Small Computer System Interface. Pronounced scuzzy, SCSI 
is a parallel interface standard for attaching peripheral devices to computers 
such as disk drives and printers. SCSI interfaces provide for faster data 
transmission rates (up to 80 megabytes per second) than standard serial and 
parallel ports. Although SCSI is an ANSI standard, there are many variations 
of it, so two SCSI interfaces may be incompatible. For example, SCSI 
supports several types of connectors. 

The following varieties of SCSI are currently implemented: 

• SCSI-1 : Uses an 8-bit bus, and supports data rates of 4 MBps. 

• SCSI-2: Same as SCSI-1 , but uses a 50-pin connector instead of a 25-pin 
connector, and supports multiple devices. This is what most people mean 
when they refer to plain SCSI. 

• Wide SCSI: Uses a wider cable (168 cable lines to 68 pins) to support 16- 
bit transfers. 

• Fast SCSI: Uses an 8-bit bus, but doubles the clock rate to support data 
rates of 10 MBps. 

• Fast Wide SCSI: Uses a 16-bit bus and supports data rates of 20 MBps. 

• Ultra SCSI: Uses an 8-bit bus, and supports data rates of 20 MBps. 

• SCSI-3: Uses a 16-bit bus and supports data rates of 40 MBps. Also 
called Ultra Wide SCSI. 

• Ultra2 SCSI: Uses an 8-bit bus and supports data rates of 40 MBps. 

• Wide Ultra2 SCSI: Uses a 16-bit bus and supports data rates of 80 MBps. 

Short for Synchronous DRAM, a new type of DRAM that can run at much 
higher speed than conventional memory. 

Short for Simple Mail Transfer Protocol, a protocol for sending e-mail 
messages between servers. Most e-mail systems that send mail over the 
Internet use SMTP to send messages from one server to another; the 
messages can then be retrieved with an e-mail client using either POP or 
IMAP. 

Short for Simple Network Management Protocol, a set of protocols for 
managing complex networks. The first versions of SNMP were developed in 
the early 1980s. SNMP works by sending messages, called protocol data 
units (PDUs), to different parts of a network. SNMP-compliant devices, called 
agents, store data about themselves in Management Information Bases and 
return this data to the SNMP requesters. 

A portion of a network that shares a common address component. On TCP/IP 
networks, subnets are defined as all devices whose IP addresses have the 
same prefix. For example, all devices with IP addresses that start with 
100.100.100 would be part of the same subnet. Dividing a network into 
subnets is useful for both security and performance reasons. 



8 8 

er|c 



NETWORK DESIGN 



GLOSSARY OF TERMS 81 



Switches 


In networks, a device that filters and forwards packets between LAN 
segments. Switches operate at the data link layer (layer 2) of the OSI (Open 
System Interconnection) Reference Model and therefore support any packet 
protocol. LANs that use switches to join segments are called switched LANs 
or, in the case of Ethernet networks, switched Ethernet LANs. See also 
Packet Switching. 


T1 


A dedicated phone connection supporting data rates of 1 .544 Mbps. A T-1 line 
actually consists of 24 individual channels, each of which supports 64 Kbps. 
Each 64-Kbps channel can be configured to carry voice or data traffic. Most 
telephone companies allow you to buy some of these individual channels, 
known as fractional T-1 access. 


TCP/IP 


Most networks combine /Pwith a higher-level protocol called Transport Control 
Protocol (TCP). Different from just IP, TCP/IP establishes a connection 
between two hosts so that they can send messages back and forth for a period 
of time. 


Track 


A ring on a disk where data can be written. A typical floppy disk has 80 
(double-density) or 160 (high-density) tracks. For hard disks, each platter is 
divided into tracks, and a single-track location that cuts through all platters 
(and both sides of each platter) is called a cylinder. Hard disks have many 
thousands of cylinders. Each track is further divided into a number of sectors. 
The operatirig system and disk drive remember where information is stored by 
noting its track and sector numbers. 


USB 


Short for Universal Serial Bus, a new external bus standard that supports data 
transfer rates of 12 Mbps (12 million bits per second). A single USB port can 
be used to connect up to 127 peripheral devices, such as mice, modems, and 
keyboards. USB also supports Plug-and-Play installation and hot plugging. 


UTP 


Short for Unshielded Twisted Pair, a popular type of cable that consists of two 
unshielded wires twisted around each other. Due to its low cost, UTP cabling 
is used extensively for local area networks (LANs) and telephone connections. 
UTP cabling does not offer as high bandwidth or as good protection from 
interference as co-axial or fiber optic cables, but it is less expensive and easier 
to work with. 


VRAM 


Short for video RAM, and pronounced vee-ram. VRAM is special-purpose 
memory used by video adapters. 


VRML 


Pronounced ver-mal, and short for Virtual Reality Modeling Language, VRML 
is a specification for displaying three-dimensional objects on the World Wide 
Web. 


WAN 


Short for Wide Area Network. A computer network that spans a relatively 
large geographical area. Typically, a WAN consists of two or more local area 
networks (LANs). 


WRAM 


Short for Windows RAM, a type of RAM developed by Samsung Electronics 
that supports two ports. This enables a video adapter to fetch the contents of 
memory for display at the same time that new bytes are being put into 
memory. 

07 


82 network design 


GLOSSARY OF TERMS 



xDSL 



Refers collectively to all types of Digital Subscriber Lines, the two main 
categories being ADSL (asynchronous) and SDSL (synchronous). Two other 
types of xDSL technologies are High-data-rate DSL (HDSL) and Single-line 
DSL (SDSL also). xDSL is similar to ISDN in as much as both operate over 
existing copper telephone lines and both require short runs to a central 
telephone office (usually less than 20,000 feet). However, xDSL offers much 
higher speeds. 



88 



NETWORK DESIGN 



GLOSSARY OF TERMS 83 



APPENDIX A 
USEFUL LINKS 



GENERAL 

Alberta Education listserver < edc-techplanqroup@QOv.ab.ca > 

Alberta Education web site < http://ednet.edc.gov.ab.ca > 

Calgary Public School District Wiring Standards < http://www.cbe.ab.ca > 

Technology Implementation Review: Grande Yellowhead Regional Division No. 35/Wolf 
Creek Regional Division No. 32 < http://ednet.edc.qov.ab.ca/technoloav/ > 

TECHNOLOGY 



Adaptec’s 
ThreadMark 2.0 


<htto://www.adaotec.com> 


AGP 


<htto://www.intel.com/technoloqv/aqp/> 


Aperture 

ATI 


<http://vwvw.aoerture.com/> 

<http://www.atitech.com/> 


Cirrus Logic 
CU-SeeMe 


<http://www.cirrus.com/> 
<http://www. wpine.com/> 


IBM 


<http://www.storaqe.ibm. com. :80/storaqe/hardsoft/diskdrdl.htm> 


Matrox 


<http://www.matrox.com/> 


NetMedic 


<http://www.vitalsiqns.com> 


PC standards 


<http://www.microsoft.com/hwdev/desquid/> and 
<htto://develooer.intel.com/desiqn/oc98/> 


Quantum 


<http://www.auantum.com/> 


RealAudio 


<http://www.realaudio.com/> 



RMON Technically Elite< http://www.tecelite.com > 
S3 < http://www.s3.com/ > 



Seagate 
SPEC CPU95 


<http://www.seaqate.com/> 

<htto://vww.soecbench.orq> 


Surfwatch 


<htto://www1 .surfwatch.com/home/> 


WebSense 


<htto://w/ww. websense.com/> 


Western Digital 
Ziff-Davis CPUmarksa 


<http://vwvw.wdc.com/> 

< http ://www . zdbop . CO m > 

89 


network design 


APPENDIX A 85 



APPENDIX B 

ALBERTA EDUCATION WEB SITE HOME PAGE 



[te D:\WINNT\PiofilesVJim Ward\Desktop\homepage 






X jj 


File Edi^ View H elp 










‘Qj homepage 1]^ | ^ fei 


1 a Hill IxjEf 1 


!r^ i.r: ‘ 




Name ^ | 


Size 


iType J 


• Modified : 


Attributes 1' 


8l6.jpg j 


5KB 


Image Expert Picture 


4/1/98 8:58 AM 


A I 


W acrobat gif 


1KB 


GIF Image 


4/1/98 9:01 AM 


^ ii 


S addupcomingeventjpg 


5KB 


Image Expert Picture 


4/1/98 9:01 AM 


A 


alberfatext.gif 


2KB 


GIF Image 


4/1/98 9:01 AM 


A 1 


8 bpfive.jpg 


7KB 


Image Expert Picture 


4/1/98 9:01 AM 


A : 


) darkblueline.html 


1KB 


Internet Document ... 


8/19/97 9:14 AM 


A : 


1 § default, asp 


1KB 


ASP File 


11/6/97 4:03 PM 


A j 


B DIPLOMAEXAM.JPG 


5KB 


Image Expert Picture 


4/1/98 8:38 AM 


A j 


1^ GRADIENTYELLOW.GIF 


1KB 


GIF Image 


4/1/98 10:15AM 


A 1 


^ homepage.asp 


4KB 


ASP File 


4/1/98 10:20 AM 


A i 


1^1 Lineblue.gif 


1KB 


GIF Image 


3/31/98 9:10AM 


A 1 


l«1 Rightbar.gif 


23KB 


GIF Image 


4/1/98 8:57 AM 


A j 


l«1 rndbutton.gif 


1KB 


GIF Image 


4/1/98 9:01 AM 


A [ 


[gsections.asp 


2KB 


ASP File 


10/10/97 7:47 AM 


A I 


Kl tabhighlights.gif 


1KB 


GIF Image 


4/1/98 9:01 AM 


A j 


[^titlebar.asp 


1KB 


ASP File 


3/16/98 2:41 PM 


A 1 


STopie.jpg 


■ 9KB 


Image Expert Picture 


4/1/98 11:35 AM 


A 


0WHITETOBLUE.GIF 


1KB 


GIF Image 


4/1/98 10:18AM 


A 


.liobiecKs) 1 61. 3KB 











FIGURE 26: ALBERTA EDUCATION WEB SITE HOME PAGE FILE SIZES 



The Alberta Education web site has the following structure: 
< http://ednet.edc.aov.ab.ca/ > 

• Frame: < http://ednet.edc.gov.ab.ca/titlebar.asp > 

Background Image: < http://ednet.edc.aov.ab.ca/araphics/titlebar/5.ipg > 
Image: < http://ednet.edc.aov.ab.ca/riahtbar.gif > 

• Frame: < http://ednet.edc.aov.ab.ca/darkblueline.html > 

• Frame: < http://ednet.edc.aov.ab.ca/sections.asp > 

Background Image: < http://ednet.edc.aov.ab.ca/aradientvellow.gif > 
Image: < http://ednet.edc.aov.ab.ca/imaaes/lineblue.gif > 

Image: < http://ednet.edc.gov.ab.ca/imaaes/lineblue.gif > 

Image: < http://ednet.edc.aov.ab.ca/images/lineblue.gif > 

Image: < http://ednet.edc.gov.ab.ca/imaaes/lineblue.gif > 

Image: < http://ednet.edc.aov.ab.ca/imaaes/lineblue.gif > 

• Frame: < http://ednet.edc.aov.ab.ca/homepaae.asp > 

Image: < http://ednet.edc.aov.ab.ca/imaaes/tabhiahliahts.aif > 

Image: < http://ednet.edc.aov.ab.ca/lineblue.aif > 

Image: < http://ednet.edc.aov.ab.ca/features/topie.ipg > 

Image: < http://ednet.edc.aov.ab.ca/features/bpfive.ipg > 

90 



NETWORK DESIGN 



BEST COPY AVAILABLE 



APPENDIX B 87 




Image: < http://ednet.edc.aov.ab.ca/features/addupcominaevent.ipq > 
Image: < http://ednet.edc.aov.ab.ca/acrobat.gif > 

Image: < http://ednet.edc.aov.ab.ca/araphics/rndbutton.qif > 

Image: < http://ednet.edc.aov.ab.ca/araphics/rndbutton.qif > 

Image: < http://ednet.edc.qov.ab.ca/araphics/rndbutton.gif > 

• Frame: < http://ednet.edc.qov.ab.ca/search.html > 

Background Image: < http://ednet.edc.qov.ab.ca/imaqes/whitetoblue.gifForm 1 : > 
Action URL: < http://ednet.edc.aov.ab.ca/search/auerv.ida > 

Encoding: application/x-www-form-urlencoded (default) 

Method: Get 

Image: < http://ednet.edc.aov.ab.ca/araphics/albertatext.gif > 




O 

ERIC 



88 network design 



APPENDIX B 



APPENDIX C 
NETMEDIC OUTPUT 






^ Elis ^indmv Help 



as 



Netscape • |ZDNet) 



£te y«w go Bookmarks gptiww girectesy i^ndow ye^ 






nru n 

ubM.u 



n; g SP.G 

1«3W£ KLTvVJSK SHE AVXL RATE 

ralpLei.efioc.ib ;v > # ^ 






«|{ALTM CPU LOAD ^CACKI Mtrn > 

51% 



tlWHFIC HSAITH 

e^’i 



^ »oo% ^ 



: Zdi i e-t CO tl; 



ItlA* LOAD 

i oecfioii Time 

U^:GB D^:UB G6:W / 



B*6V 





“ S' 






■ 


O* 




■ 'S"t ■ 


1 # 


irirr^y-tr-c 


• Wcfiw 


: Edit 


- R«l04d 




Op«n 


Pr»t 


Find 


[1 Slop 



Location; jht^;//www.:ctiet,com/ 

*' V/hafsNew? |; M^'sCoot? |j Oostavii^ N^Seari^ |’ Peo^ |f Sof^wra | 











***;; I Opeunw^ or« ^ 



Build a virtual office 



Need a quick way to connect your far-flung 
colleagues? PC Magazine [esXed seven products 
that provide many of the features of enterprise 
groupv^are - without an IS department. Find out 
which got the Editor's Choice. ► 

New Tillamook Portables 

Some might call them screamers. A new crop of 
notebooks using Intel's 266 Mhz Pentium with 
MMX is out, and we have what you need to know. 
Start with Computer Shopper's sneak peek, then 
check out PC Magazine and PC Week for their 
latest reviews. 

Best tips of the year 

Start the new year off right with the Help Channel's 
best tips of the year. From smarter surfing to 



Maxiinum JAnvc'r, 



Wednesday, January 14 

breaking news 

LjsI updjtAd Jjnujry ^A. 1008 
03:Ze:10 PM PT 

• Apple back in the black 

• Closing arguments in 
Microsoft case set foi 
Jan, 22 

• The unsinkable Yahoo! 

• Revenoe of the nerds 

• NSI moves bevond 
interNic 

• 'Free* software has 
hidden costs 

Mc-rt.Nwwb 



^ §3 ^ 1 ^ U«t I lggiHeti . |!|j^Firsl(^,J : >2SMicro»-.. |:|^Catend...ji^HetM... Miao»... | 







Q-? 



4:39 



FIGURE 27: NETMEDIC WEB PAGE 



BEST COPY AVAILABLE 




92 



NETWORK DESIGN 



APPENDIX C 89 





^Net.Medic 



HUB! 



File View Window Help 






ze: 10.4 kilob-^ilej Hearth Log: [netcom.nel experier 



□ 



7 Hops 

II mrnW9 « 

Transferring data... 



/f; 



10.8 



0^5 , M ii-r 



SKED LIMIT SetlD 



0.4 



P.etaeval 



02% 88% 






0:06.4 Bs 16. ?1 

vam NETWORK SITE AVG. RATE 



lgoetZ"'pc. 



WEALTH 






CPU LOA& ^CAChC HITS 



Modem 



10.8 kbps 



HEALTH 



1>; 2:.: 5>: 4:c 



26 .4 kbps . 
SPEEU 



netcDm.net 



70% 





WELAT TnAWIC 



HEALTH 



Internet 



^ » / 
100 % 



oaAT 



TIIAWIC PtAK 



SP^- 



mnsic.3onv.com 



laitailailallllll 

DELAY LOAD 



eiy 



-TMROCGHPUT*' 



Modem ComiectTime 

nn*nn nn-nn 

uu-uu uu-uu 

session TODAY 



nn*n 

uu*u 



TWS MCWTH 



I 



Prfnf reports on ymir Jmerner 
per/ormance Jrir/ucf mu yipijr 
JSP s servfro 

Check the vital si^ns ai'ymir 
ij/iifji/t! iflrnrrwt pnfb Yiilh 
afiiriialed 

end-lo-end ovenrievv. 



Track data transfer in real 
time af a 



cadi Web pnge^s 
r??ljiGvaJ diHC lo deleniTine if 
tfeia)'S an? caused by ifie rre?- 
work or the sorv'er (tMsb sJle). 



Mojiiforamj opiiraiyiD ffre onJJm? 
perfofvnance? of^our PC. 



Op#ii?riy;P yoijj’ /nodeiu s com- 
pmssiofi and cmjr-cfjGcWnu 
per/ormancp fo speed 
Wfcb pa^n julrfpi'al. 

Track traffic leveis, delays, and 
tbe overall htfall/r o/ ^Tjur 
JSP s porftwmanco. 



isnlaic nefwork pmblcm.s to the 
InterneA hadkborje. 



Analyze r&al-tfjJM? Vfeb sfle per- 
Formanco, Insdudrnu Web app/i- 
cfliiori (HTTP) rcaponsG Hjin?. 



Track )^ur actual anUm time to 
ensure proper Wlfinig- 



FIGURE 28: NETMEDIC PANEL 

BEST COPY AVAILABLE 

03 



90 NETWORK DESIGN 



APPENDIX C 








APPENDIX D 
HP OPENVIEW 




FIGURE 29: ELK ISLAND INTERNET TRAFFIC— 1 WEEK 




FIGURE 30: ELK ISLAND INTERNET TRAFFIC— 1 DAY 
(EXPANDED FROM PREVIOUS) 



BESTCOPY AVAILABLE 



o 

ERIC 



NETWORK DESIGN 



94 



APPENDIX D 91 





UTILIZATION (%) 



APPENDIX E 
AGNPAC ANALYSIS 



UTILIZATION STATS FOR THE AGNpac FRAME RELAY 
CIRCUIT FOR THE SUMMITVIEW SCHOOL IN GRANDE CACHE 
(January 5 to January 8, 1998) 

(SPEED =128 Kbps) 




70.00 - 




— TX_UTIL 
-O-RX UTIL 



FIGURE 31: GRANDE CACHE FRAME RELAY CIRCUIT UTILIZATION 




95 



o 



NETWORK DESIGN 



APPENDIX E 93 



APPENDIX F 

TECHNICALLY ELITE RMON PROBE MW ARE SOFTWARE 




FIGURE 32: NETWORK UTILIZATION IN PPS AND PERCENTAGE 



best COPY AVAILABLE 




98 




NETWORK DESIGN 



APPENDIX F 95 



r*£& ^ £oBrig “ 



i Wai !:©! [Wmi iRiii i ti Kill 

Oiawi; ' V' — ~ 



TBbfsOMwriwsntor' 



D«a Soutcc-«*y»«. ... 




f t ' 



± ^ ^ .rr ' i I r I l i r u 



' t :2 41 ^ j J 2 ;i 3 13 .i 8 

I ■CffC AKan"' " C FMgtnt^s 



. :i:3.48v 

' Jatibarg: 



V2;51« . .V n2;33 I?i58 ^ 13i58 

B u^ws^B" -^- 4 D> o^fftea ■ " / t^iitoBg 



’ '■ ^ 1 

: " I i 






3;B»...... , S . ■•■: i' 

_ r ; J 



FIGURE 33: RMON HISTORY MIB 



“"TtST’StaropI W&jett/t: fcictrti^ ’-Sroaecaife *' U troyewiS^t 



<n/ 3 tfl 3 1305 ^ 4 :* 
7 {pfl 1 S 313 L 0 » 54 " 

"oTaT^iMSsS'''' 

”S)of]g 3 "i 3 . 0 Eix‘'‘ 

0 ?/ 3 tiS 31 l 0 i;S 4 

Oi/lV/M‘l3tOf:24'“'' 

''iiiflViSaTatb'w''' 
''oi/ 31®8 V 3 TO 24 ' 
B1/31/M'l25ft« 
‘BU!3l'/M'ti»,24’'’ 
(ni3i)33 i'25aE$4 
81 / 31 J 3 S 12^24 



3483 

" mi'] 
"’assa” 
15^' "" 

^ 224^'' 
‘" 164S " 

61 IB ' 

“ 

. 4«M '" 
T ^2ig“"' 

" 419 i" ' 
“ 4016 ' 
•^ 7 &a ■ 
■'^7494 



'OH 

-VI 

Tji 



-ssTM i\ 
^ » 4 

f'^-T 

%0'4 > 



0i!oi/3812»'.:M 






,.o§ 




- B 


oV;’ 


81/31^ 12$?.24' 


viO 


: 2001 


:.0* 


'■ V .*■ Vfii'7 ■■■ 


' ' ’ ' ' B 


. ' P)ii 


Kwv.^«lig“toPbi 






■' TT 




, 


Tow OT 


ll . Tir'e Stwfl^ 


CRC A5on 


Ffaomert* 


4 

Jabber ^ 


UrvdertiM 


"'o5«*be 


• I 

.5T . -r- ;r-'|- 

ColUkim 


13i!«'24 


0 


ZLZX. 


0'.; 


V 0 " 


•„ .# •: 0 


' - 5*^. 


■|} <nSiw 


Vof 


^ 0. 


~ " q7 


>rr y 0:''« 


.>r r"'’Q 






'"To ' 




'* V'"' 


ZTtll 


*^w 




jLmauMiaiasSII 


TT'oi 


'n:zi€. 


TTliroLf 









FIGURE 34: RMON HISTORY MIB— TABULAR FORM 



BEST COPY AVAILABLE 




er|c 



96 network design 



APPENDIX F 



tte; ' yiew Eolling Table : . ' " : ' ; . : 1:1.’ ' 


ail;©! (ID S'liiifBi 




- ' 








sttotilfle;. ■. 


!• «ur«Qr 






T. , * 





Current Distribution 



Cumulative Distribution 





' ^;- 7 Tn 








< j t f 


, 








‘ ; ; 






■ " '' 




. -I .. 








V li 

: > . Jb ij 




■ ■ ' » V 




' ■ ^ ^ 




: : ^ . . 


-• ■ s 


::i 














m ■ , s ^ 






B " 



Gourts/seo I ' 








;>MAe( Siu 








' ■ Ods% 


CumubiUvv'% 


Court' 






|m ' ' ' - 




. 1067: 


T 


::: ":«f 


■ 53 • 


■ " : -. TiZOiOr 








. 0 '' 


' ^70 


* : ! : ' ? 




» 


! , ’ 1516^ 


■ : 






O; 


' S6 \ 




: .r:3{ 


' 4'i 


i ' ; * S30S69 


: : 




;W-5M 


■ ' -oi 


UT 






7 


' ^ ^ 917757 




! : 


iS12>10J3 




' 1 ^*: 




- • • » ..7f 


. « :i7. 


, : : 237?rea 






j!;lC24-'>5t8 ^ 


'jor 


34 


^ ^ -.4:: 


" ; 16 1 


: "16 ^ 


1396353 




:: . 




-it'' ‘ ' 


1 . '. : 


■■ ■: 




. I . : . 





■ ^Mjbytes • 

^■fe^127 - 

■ kbytes . ; 
, : ' 128-255 : 

> ■ bytes 

; 1:255-511 :: 

^ '■ bytes . - ' 

1:512^1023: : 

bytes - •• 
r 1024-1518" 

' ' byres 



FIGURE 35: PACKET SIZE TRENDS AND CUMULATIVE STATISTICS 



BESTCOPY AVAILABLE 




98 



NETWORK DESIGN 



APPENDIX F 97 



APPENDIXG 
FIREWALL-1 ANALYSIS 






Enabling Accounting summarizes all network sessions. This data can be downloaded 
via a text file to Access or Excel (depending upon size) for further analysis. ! 



E fw.log - FbcWall-l Loq Viewer 












Irypc^ltlAcgbn^^'^^isei^ce^o^^llDeWTOti^n^rift,^^^ 






2552 


J1^«so9§ 12:44.03 


172.22,101.'; 


£ wy 


Sg ar.ti.4 


into 


2K.1 D.3C.152 


tC|5 


7 


1495 •' 


t ejrwt c* hRp. ^“236, 1 0,30 .1 SOreCJbl ,?>3 


2553 


31JWI9.S 12.44 03 


[g'da*. 172.22,101.'; 


£ 




intc ' 


2K-1D.5G;52 


tip 


7 


1497 


lercJcetep //2D6.102t0 iSZeCjFtexScfcd.-ctsrss 


2554 


31..«W9C 12:44 05 


13^9: .. 172.22.101.1 


£ 


£ a:ce,:1^ 


d3>rfeir}-=jc^> 


202.12.27.33 


yffii 


7 


densirKiSH- 


ter, 56 ’ •■ ; 


2555 


31j«t9€ 12.44 05 


jgdat... 172.22.101 1 


£ ?cy 


Ec 


liGC 


2C6.10.3G 152 


tep 


7 


1493 


let'-J-ce hSp j/‘2DC.l0.3C-.15Z€C4j:.:?g 


2555 


51>n9t; 12:44 12 


Ig dat ... 172.-22.101 1 


£ !t-y 


^ ac:ei:-t 


hnc 


2O?.10.';e 152 


tci> 


r 


149? 


te5:<ucehSp.fc'2DC 10.>3.1S:^6Ci>3.4:g 


2557 


31..«wi% 1:'44 15 


Igdst. 172.22.1011 


£ sr-g 


jRp a7fP|:-{ 


ir.c 


?05.13.',C >5? 


iri- 


1 


^e^k\ ‘ 


t esour -ce http f-OVi 1 0 30.1 52:60*4 ,yg ^ ; 


2i'}? 


31.»«i%0 12;44 20 


|3f P90 . 172.22.101 1 


£ .¥g 


IS arreis 


n-o-ucii' 


294,t.<:i 140,226 


uc^i 


7 


rtp-ti-lc ■ 


tf0 7?i_ . . 


2555 


31..v=r.3<; 12:44 :i 


da? .., 172.22.101 1 


£ itg 




rdc 


205.10'/; 152 


trr 


? 


1501 ’■ - 


1 es ?;# -ce hSr- //206 1 0 3;M 5>6CjW ^ ! 


257v 


31.W2»; 12:44 fO 


1^' P2-; . I72.22.i01 1 


£ ;«J 


m «7re-|:t 




l?s*.41 0 4 






dcnjfc.U{!|- 


ler,61 ■ 


2571 


3l:iftn20 12 44 51 


{g 1.H20 17.^22,10l 1 




£ o?r<n‘4 




‘.U.IZf 111.111 


U<1|1 


? 




ff n 2Ti ■ . 


257: 


3lJ«i30 12:44-51 


jg 6120 .. 172.22.101 1 




|B3 a?ceri 




205.1 y; 56.50 


udn 


7 


dcr;Vi-uap 


IrnCl » 


257.' 


SiJen'jO i:- 44-51 


rg doc .. 172.22.101 1 


IS ^ 


1^ oxept 


mp 1 


205.139 53.103 


tep 


7 


1504 


res?;4-cetep/^03 193.63.155:50/ 


;-574 


3lJofi20 12: 44-54 


^ doe .. 172.22.101 1 


£, ^ 


'«fCt 


rets 


152.6'j.tOO.IOG 


tep 




51772 ■. 


trecc:»2» SVN ■» SYH- ACK -» TirSftO:* 


^2575 


3lJen3S l24fG5 


{g d»e .. 172.22.101 1 


IS-^ 


|B3 


rcty 


2-05. i39 53.103 


icp 




1507 


fesxrcetep.->235 1?3.53.105:60>- ; - 


*2^S 


3iJftn35 12:45-05 


ig da« .. 172.22.1 01.1 




^ arced 


K!p 


205.13S.53.1G3 


ICC ■ 


7 


1503 ■ • 


re33;rc5teLp:;;233. 193.53.1 -53:80./ 


'CS77‘ 


31Jan3? 12:45-07 


0 (iatf ,.. 172.22.101.1 


£ ^ 


^ accept 




2-05.135.53.103 


iCP 


7 


1509 


resource liitc;r/235.1 93.63.103:804rr(^5es4:ecK..;il 


'S?£^ 


3lJ«n90 12:45-07 


0 iia<f .. 172.22.101 1 


£.fcg 


S3 accept 


lTtr> 


205.J35.53.ie3 


tep 


7 


1510 


res o;rce teLp:;;2D5.1 33.63.1 03:804rr*s<{es.4:enntr .jn 


2579- 


3?Jan93 12:45:07 


0 d«<j 172,22.101.1 


£ teg 


£ accept 


■ htto 


; 93.53.1 GS 


ICp 


7 


1511' ’ ■ 


tes-o^j-ce te^;/205.1 93.63.1 03, 80 *nu^es.*5»:ru gi1 


Z53a 


3lJ*n33 12:45:10 


0(»4. 172.22.101.1 


£ ^ 


Cj a>Kd 


http- 


205.I93.53.1GG 


ice 


,7 


1512 ,/ ‘ * 


rcjo^jrte teic::./235.133.63.i03:80.4iriage:./.;r!arr.o;gte '. • 


2«1 


3tJ«^3 12:45:10 


0t»4. 172.22.101.1 


£ teg 


Cj ac-cept 


hSp- 


2C-5.i33.53.1CG 


t-cp 


7 


1513'-'' 


rtsou’ce IBc:;.'205.193,63.l93:eO,*iri^i,e5atu!es.^? 




3!J«n93 12:45:12 


0 OM 172.22.101.1' 


£ teg 


ac-cept 


nsp 


205.i33.53.1G'2 


i-cp 


7 


1514 ’ 


retO'jr: e tec;i/2'35.1 93.63. 593:80.i&ri?<::e'.4ss-ortgrf 


2iA\ 


31J«n=Li i:;45:10 


0rt« 172 22 101.1 




Si '•-■ytpt 


Bip 


205 593.5310G 


!-:p 


7 


1515 


res-3-J^re hnci/2-96 ,193.63 1-33:80,*inae<rt,/espn9i: 


2^4 


3lJ8rt?3 12:45:17 


0C5M 172-22191.1 




si «=oed 


hS;- 


2O“:i93.S3.10G 


icp 


7 , 


1516 


re spijrce tec: j/ZDJ .193,63 l93:80.qftaj;e c/f.The.-jf 


2^5 


91J.»rv93 12:45:19 


0 <1<v; 172.22191.1 


£ teg 


S5 a=-7ed 


hS? 


205 1 3?<3.103 


t-cp 


7 


1517 


resjijrre tec ;i2-36.1 33,63 1 03:8O.*maeec./-cr.i-,.gil 


2sd- 


'31Jsni»3 12:45;r< 


0<1M 1. *2.22 191.1 


£teg 


ST accept 


hrtr- - 


2051 93.53.1 OG 


tep 


7 


1516 


f e53=jrre tec ;/^96.1 93.63 i?3:eciMi6pecAst«-!2.g.'f 


255 C 


2nj8nA* 12:45 20 


0rtrtfl 17222101.1 






http 


2O513.1.S310G 


tep - 


7 


1515 ' 


re-Ct-yxee tec xr2-96.1 93 .63 1 CI3:fflljlinaftei*; s j^r 




^ 31 .ten?;* 12:45.24 


0 E150... 172.22101.1 


£:teg 


accept 


n;p-tidp 


204 151.140226 


<xi^ 


7 


ntp^iap 


ten 76 


2^:* 


31Jcn?5 12:45 ..‘j5 


0 BOO... i72.22 101.1 




5j accept 


dc!nab-i«#) 


13733 . 1.3 




7 


(toPWh-tJdp 


ten 75 


2590 


31Jsn?5 1Z45.47 


0 BS-0... 172,22.101.1 




accept 




132 33.4 .-JO 


.Aip 


7 


clctpain-tidp 


ter.56 


m. 


. 31Jsn?8 12.45.49 


0 BSD... 172.22 101 .1 








2-06 1-0.30.100 


.idp* 


7 


dcr.‘tei:i-tid|.> 


ten 55 . 


2593 • 


31J»n?6 1Z45.43 


0dat. 172^2.101.1 




ST accept 


trip 


2-De.lD.3G. 155 


tep 


7 


sqind; 


lecpcrceteuJCDS.IO.^ 163:60; 


31J»n?£ 12:45,50 


0dat. 172.22.101.1 


£;^ 




Intc 


2D6.1 0.30.1 65 


ttp 


7 


1522 ’ 


tccojice tep.JC35.10.30.l63;60ter^org:i 


2534.'. 


31JW196 12:45.5-0 


0daa., 172.22.101.1 


£i«jy 


]5c accept 


lr.c 


206.10.^.153 


tep 


7 


1623; '■ 


;ec3-jrce tep. tf236.1 0.30.16S:eC!J01 0198 w 




31owi9e 12.45 50 


0daa. 172.22.101.1 


£ ; 


JE actfc|.-t 


irap 


296.1D.GG.163 


tt|j 


r 


1S24 


1 esovi ce dtp f/23S . 1 0 30,1 63; GCJcgl-l.'iriAwier e;.e?'R-kjy ia55l»**Lc r.r*iiairi3.. 


2535 


31-.ten90 12:45 5-0 


. 0dat... 172.22.101 1 


£;icg 


£ acced 


Iric 


296.10.GG.153 


tC|J 


? 


1523 


1 ecy-rce tep.J»23G.1030.16S:6C;c3!-l;'i-'A:<>j^erej.eT'Kid‘.li»3£link»f-ticu>fSsi.. 


2537 


31J»n9C 12:46 0? 


0dat.. 172.22.101.1 


£; !oy 


jBT aicep't 


tec 


206.1 3.GG. 153 


ict> 


? 


1523 


i etp-j ce tep /C06.1 0.30.1 6S:eCi-3T(.'«r, 


2533 


31v««n9t 12:46 13 


0 BiO... 172.22.101 1 


£ 


Ec accept 




2C6.irj1 9-3.-2G 


utni 


7 


donsin-U5«:- 


ter, 59 


259? 


,31-JipnO*; 12,4613 


0 090 1 72.22.1 01 1 


£.?rg 


Sc arrept 


Keai-A-j:^ 


?iV .110 195.15 


iri- 


? 


5043 ,- 


ier,4?, 


2G5? 


31v<an06 12:46 20 


0 P‘73 .. 172.22.101 1 




^ reject 


fiVfi 


1 42.60 24-G.2? 


ua-i 


11 


5C033 


ten 290 


2601 


3l .ten% 12:46 20 


0 ETiO .. 172.22.101 1 












? 


dcnwi-u^: 


te.->75 


260: 


3lJen'J9 12:46 21 


0 W3 .. 172.22.101 1 




S5 ocrept 


Rea;. A-jate 


■.‘iV.1 10 195.1? 


tep 


? 


504? 


ten 46 ■ 


?60.» 


.^1 ifln'rL 12 46 23 


0 P90. 172 . 22:101 1 


£: ^>3 


^ acred 


rro-;ic4i 


204.151 I43.22f. 


Lulti 


7 


rtp-u-fe) 


ter, 7f, 


2-604 


3lJfln39 12:4650 


0 • 172.22.101 1 






2349 


142.60 223.12? 


tep 


11 


;CO-‘.jeji 


ten 40 


2605 


3ljftn09 12:47-05 


0 P90 .. 172.22.101 1 




13 accept 


rtcewrv-Al'* 


1 34.123 134.10 


Udp 


7 


dori3tn-udp 


ten 75 



















FIGURE 36: FIREWALL-1 LOG FILE (SOURCE IP SUPPRESSED) 



er|c 

































HSIl'lMgllSfe 






" 


-;t: . 




Not:t'1oiir«W|d«?-F:, 




jlbteLVjT^c<S 


#<|Acti'on 


--HscfWcc1l|^C>cbtin»W 


,v|Plfbiib.■-^' 




I.|b^€ ' jinfi^ j 


1 3Uton08 9-44 95 


4 


0 dr»e £ *19 


12 sccep; 


nhsec-cttP 1 7;-, 22.1 OS 1 


ICp 


1060 




2 31^•6r\G8 i;-44-16 


2727 


0die £rs 


^ sccepi 


FVYi_tr.git« 172.22.105 I 


!CP 


?S59 • 




2 Sl.tenSO 12-46-21 


297C- 




52 Jvccepi 


Ra.-iiay(Ap 2W.11*,iy 18 


tep 


;-04« 


% 


4 31,ten98 12:45; 36 


29D6 


0 die.. £- 


52 JCceiK 


(^-UPP 2'D4.161.l 40,22s 




httMKfc 




c $14apS8 12:45:42 


29D7 


0d«.. £;*:g 


52 5CC^. 


demeirvudp 2-D2,tr.27.33 


ixp 


do«',«Jreucto 


i 


6 S1>>anS8 i:-4£;47 


29K 


0 dse.. £; 


1^ accep; 


aoma?i-udp 1 93.D.14 , 1 25 


udp 


ac>?r-«i',-udp 





FIGURE 37: FIREWALL-1 ACTIVE SESSIONS (SOURCE IP SUPPRESSED) 

NETWORK DESIGN 6^ BEST COPY AVAILABLE 





o 

UJ 

(/) 

(/) 

UJ 

QC 

Q. 

Q. 

3 

(/) 

Q. 

UJ 

O 

QC 

3 

O 

(/) 

CO 

UJ 

H 

>- 

CD 

Z 

o 

o 



UJ 

o 

CO 

UJ 

o 

o 

UJ 

H 

QC 

O 

cn 

UJ 

(/) 

< 

m 

< 

H 

< 

O 

o 

F 

z 

3 

o 

o 

o 

< 

(/) 

(/) 

UJ 

o 

o 

< 



< 

UJ 

QC 

U. 



UJ 

-I 

CD 

< 



er|c 



o 

V—=( 




o 

o 




BEST COPY AVAILABLE 



APPENDIX H 
ETHERNET PACKET 



Packet #1 
Flags: 0x00 

Status: 0x00 

Packet Length: 146 

Timestamp: 1 4:1 2:29.820935 02/04/1 998 

Ethernet Header 



Destination: 00:e0:b0:63:b3:eb 
Source: 00:60:08:a3:1 1 :bd 

Protocol Type:0x0800 IP 
IP Header - Internet Protocol Datagram 
Version: 4 

Header Length: 5 

Precedence: 0 

Type of Service: %000 

Unused: %00 

Total Length: 128 

Identifier: 39509 



Fragmentation Flags: %000 
Fragment Offset: 0 

Time To Live: 128 

IP Type: 0x01 ICMP 

Header Checksum: 0x7338 

Source IP Address: 142.60.253.6 

Dest. IP Address: 142.229.18.199 

No Internet Datagram Options 
ICMP - Internet Control Messages Protocol 
ICMP Type: 8 Echo Request 



Code: 0 

Checksum: 0x08e3 

Identifier: 0x0100 

Sequence Number. 26649 



ICMP Data Area: 

iGOB,l:M#?_Q3|fj a1 47 1 8 42 2c 49 3a 4d 23 3f 5f 51 33 7c cd 4a 
±VO]OWDWOw'^)>MO+ b1 56 1e 5d fc 57 9e 57 f8 77 5e 29 3e 4d 1c 2b 
0030^|&jb0“"^n£i0 f7 1f 33 15 87 7c 26 6a 62 Oc 93 22 c8 6e 7f Od 
DXg0O7|OOKOO¥aO6 44 58 67 30 1 4 37 7c Oc e9 4b e3 1 a a5 61 00 20 
0cD6ET610S V00MK fb 63 13 36 20 54 aa 31 eb 53 b7 56 19 03 4d 4b 
’OQ]0£j£i£)h|w')8] 92 07 51 5d da 20 a1 la 19 68 7c 77 60 29 38 5d 
OhOO 16 68 71 0b 

Frame Check Sequence: 0x2746cf98 



FIGURE 38: ETHERNET PACKET 




NETWORK DESIGN 



APPENDIX H: ETHERNET PACKET 101 



APPENDIX I 

JURISDICTION DOCUMENTATION 



jjp^ Apetiuio ~ EIPS ~ tS-Sali«buiy (Main Flooi){ 



Ste £cft 5revw^ 8 Djla yiw J^ndow ;M«|P 




■iM ^:.Qin .uri>y i> l■^^! 

B^Ol: Pick jtin object or draw a box VrourKliHQ obM^VouWm to itHm, (iiifthe F2 key io hide Re&tgjrig ih^c^eis^J ^ « : 



I^Startl lj] ^ ^ Exp^i.. jil^Cdend..,} ’SigHbo* .. | | |lSy Mbcn... | j|^ Ktiaos.,, | 



I ffwetM... IIS^I 



nn^ 



N 



ft 

ii ' 



h 



t-'* 



t' 

ft'* 




Beiiit-. 1 0 : 4 eAH I 



FIGURE 39: SCHOOL DIAGRAM 



BESTCOP Y AVAILABLE 




o 

ERIC 



1G3 



NETWORK DESIGN 



APPENDIX! 103 




FIGURE 40: El PS DIAGRAM 



BESfeoPYAVAIUBLE 




104 



104 network DESIGN 



APPENDIX I 






4 ^ I 






I.S.01 'fiwwBTiQt &#a ^^indow Swifirti -tlelp EcfitR^ords 



jmm 



Edit Records Dialog 



A|ta^..7 I bnd Fleids[ |j- Smm | 

f LpSiv7[ f ^ir4#: I |ir^o^‘“'| 

Objects Found 1 Now At; 1 




System 






i^' 


Manuttkcturer 


if 


Model 


OeC 3000 Model SOO , 


Serial Number 




CPU 


21064 1 ^ » 


Processor Speed ( 


150 1 




■, 


Memory 


256 M5 


1 




5XJ ’.V 




, d . 0 I. 



Alt )Style-UnnaiT^ed ~ 

iOfr F^OOi^DS: Use th$ Find^Figld^ fathton to choose xtfjiich fteM» yw wanito>6&arcb <m. or »ick gn oSiiacI rea«^ You.w^rtt to $C8^ 



IBsiartlRSi fe ^ |i^A^tU..ji[^^rofan-4’4^ |jfSb/^rt..:|BS^Ljnf^BS4^^ 



FIGURE 41: DETAILED INFRASTRUCTURE RECORDS 



best copy AVAIUBLE 




1G5 



o 

ERIC 



NETWORK DESIGN 



APPENDIX I 105 





r^ 

o 






CO 

LU 

K 

>- 

ffl 

o 

o 

o 

*> 

o 

o 

in 

CC 

LU 

> 

O 



X 

o 

z 

LU 

0. 

0. 

< 



o 



< 

CC 



LU 

z 

CC 

LU 



CO 

CO 

>- 

-J 

< 

z 

< 































> 

o 




I 












] — “ 

i 0 


0 


I 






































E 




1 












X 

0 


X 

0 
































o 








(N 
















CD 


c6 
































E 








JO 

> 






D 

CO 








D 


LO 

CM 


in 

CM 


' D 
















> 














’0 

> 

o 








o 

0 

■D 






D 

o 

> 








CO 

d 

c 


CO 

Q 

k_ 

0 


CO 

Q 

k_ 

0 


0 

d 
^ c 


' > 
o 


> 

0 

5 












o 

E 

c\i 

E 

CO 




> 

O 

E 


> 

o 




> 

o 


> 

o 


(/) 

o 

0 

ro 




> 

o 

E 


> 

o 

E 


> 

CO 

o 

■D 


i > 
i o 
iE 




o 

-5 

0 

a 

c 

o 


1 > 
o 


1 o 


> 

o 

E 


o 

0 

L. 

‘q 

!E 


5 

o 

”0 

c 

5 


5 

O 

”0 

c 

5 


o 
! 0 

id 

E 


E 

j5 

:1 


: C 
i 0 

i a 
a 

; D 

5 




> ^ 
0: 

C r 
k_ : 








0 

o 




uo 


E 

c\i 




E 

cvi 


E 

CO 






c6 

0 

CM 


CO 

0 


c 

s 

: C 


cb 

0 

CO 


> 


Id 


icb 

CD 


E 

CO 


d 

a 


1 ^ 
10 

”0 


CO 


d 

CM 


0 

;l/5 

”D 


id 

0 

;d 


0 

i_0 




l55 

0 








'SP 




0 


i 0 




0 


i 0 


x> 




0 


0 




0 


;< 


”0 


= CD 


'0 


0 


c 


CO 


: C 


' > 


! 




i 


?> 

0) 

o 






CM 

E 

CO 




*o 

0 

N 


*o 

i 0 
N 




“D 

0 

N 


ro 
i 0 

N 


« 

0 

c 




*o 

0 

N 


*o 

; 0 
N 


z 

1/5 

5 


■D 

0 

N 


> 

O 


c 

0 

JQ 

O 


r> 

i 0 


“D 
i 0 

i N 


k_ 

o 


D 

O 

0 


“D 

00 

CD 

CJ 


CO 

00 

o 

o 


D 

O 


i c 
; CD 


> 

0 

5 




> i 
0 ! 
5 








0 




0 


(55 




(55 


rS) 


o 




1/5 


^ 1/5 


0 


1/5 




C 


I'D 


1/5 


0 




£ 


CO 


; 


: E 




CO 






o 




0 

■> 


0 

■> 




0 

’> 


i 0) 
■> 


”D 




0 

’> 


: 0 
’> 


’> 
: 0 


0 

■> 


Q 

< 


D 

155 


! 0 
1 N 


; 0 


0 

Id 


*d 

0 

E 

:1d 

0 

E 

o 


CJ 


”0 

00 

00 

00 

jQ 

CO 


'd 
0 
I E 

i 0 
; 0 

E 
^ o 


0 
; 0 


id 
i 0 




d 1 
0 i 


<J) 

m 






_0 




o 

E 


o 
; E 




o 

E 


o 

E 


g 

; ’k_ 
0 
^ > 
0 
, p 




O 

E 


o 
; E 
: ^ 


Q 


o 

E 




Q 

o 


X 
: ^ 
! C 


O 

E 


0 

o 

> 


22 

00 

”0 


i-c 


i O 
JD 
”0 
; C 




Oi 

jQi 

”01 
C 1 


' : : 






0 

o 




CO 

N 

o 


CO 

N 

o 




CO 

N 

o 


CO 

N 

o 




CO 

N 

O 


CO 

N 

O 


0 

E 


iCO 
i N 

io 


p 


0 

“O 

D 


il5 
ro 
l 0 


CO 

N 

d 


iCO 

c 


0 

CO 

in 


CO 

in 


d 

d 


i D 

: o 
^ 0 




D ; 
O 
0 








00 




00 


00 




00 


00 






00 


00 




icq 




■4—' 


00 


CO 








00 


d 




d; 












CO 


CO 




CO 


CO 


o 

00 




cb 


cb 


00 

o 


icb 


CO 


0 

o 

CO 

00 


i N 

O 

00 

r^‘ 

CD 


cb 


o 


d 

00 


o 

00 


d 

<p 


id 

ioo 


c\i 


CO 

in 




CO 

in 








LO 




00 

CO 


00 

CO 




00 

CO 


00 

CO 


CD 

CO 




00 

CO 


00 

CO 


cb 


00 

CO 


CD 


00 

CO 


cb 


CD 

CM 


cb 


CD 

CM 


;lo 


CM 

CM 




CM 

C\ji 














T— 






i J— 


cvi 




y— 


: 'T— 


00 


1 1— 


00 


y— 




CD 


00 


in 


|CD 


i 'T— 


T— 




: 








c6 










7^ 


7^ 


CM 






ir^ 


: 


ir^ 




in 

CM 






cb 




CD 


cb 




d 






i 












CO 


CO 




CO 


CO 


CD 




CO 


: CO 


^ 1— 


CO 


cb 


in 


CO 


CO 


CD 


cb 


CO 


icb 


; 


in 




in 1 








CM 






; 1— 




T— 


: y— 


CM 




y— 


; T— 


ir^ 


y— 


CO 


CM 




y— 


T— 


y— 


CO 


CM 


1 y— 


CM 


CM 




CM 1 














ih- 






h- 


CO 






|r^ 






CD 


CM 


CD 




in 


00 


CD 




lob 








i 








O 




o 


O 




o 


o 


O 




O 


o 


o 


o 


o 


in 


o 


o 


o 


CM 


o 


O 


jCM 


;0 


o 




Oi 








CM 




CM 


|CM 




CM 


CM 


iCM 




CM 


CM 


CM 


CM 


CM 


y- 


CM 


CM 


CM 


y— 


CM 


CM 


; y— 


iCM 


CM 




CM} 








\ 






i ^ 






: ^ 








: ^ 


1 ^ 




: ^ 
















! ^ 


i ^ 






^ i 








Q 




Q 


i Q 




Q 


Q 


Q 




Q 


' d 


Q 


d 


d 


Q 


d 


d 


d 


d 


d 


d 


^ d 


1 Q 


d 




d 














! 






i 


f 




























: 


1 














-C 










-C 


-c: 


-C 




-C 


-C 


-C 


l-C 


-C 


£ 


-C 


-C 


-C 


£ 






£ 


£ 


£ 




sz 




00 


00 


CO 


00 


O 


CD 


CO 


CM 


"M- 


CO 


in 


CM 


1^ 


CM 


CD 


CO 


CO 


y— 


CM 


o 


CO 


CM 


in 


CO 


CO 


CO 


o 


CO 








CO 


00 


y— 


CO 


CO 


CO 


"M- 


CO 


1^ 




in 


00 


CO 


CO 


y— 


in 


CM 


r^ 


N. 


CO 




N. 


CD 


00 


Tj- 


o 


CO 

0 


o 




o 






in 




-T— 




o 


CD 


CO 


■M- 


CD 


■M- 


(D 


CO 


CM 


00 


CO 


T— 


in 


CM 


in 


CO^ 






CM 


in 


co" 


CO 


-r-’' 






co"^ 


cu 


cd’' 


cd'‘ 


in 


o' 


CO 


in 


co" 


■M-" 


cm" 


d 


oo" 


in" 


co" 


cm" 


K 


y^ 


CO 


y-^ 


oo" 


in" 


m 


in 


CM 


CO 


CM 




o 




y— 


o 


CO 


"M- 


CM 


CD 


y— 


CM 




■M- 






r^ 


CO 


CM 


T“ 


CD 


00 




00 


in 


CM 


in 


N. 


CO^ 


co^ 


co^ 


in 






CO 


N. 


in 


CO 


CJ 


-r- 


CD^ 


CD 


(D 


CD^ 


in 


in 


in 


in 








CO 


(O 


(jT 


K 


in 




co'' 




co' 


co' 


co' 


CO 


Csf 


cnT 


csT 


cJ 


cm" 




























CO 


in 


00 


CO 


O 


CO 


00 


in 


CD 


<r- 


CO 


CO 


CM 


CD 


in 


CD 


00 


00 


CO 


O 


CD 


r^ 


"M- 


■M- 


Tj- 


CD 


CM 


in 


00 


0 

sy 


O) 


CO 


CO 


N. 


in 




CD 


CM. 


o 


in 


o 


CO 


CO 


CO 


y— 


CO 


CM 




o 


CO 


00 




CM 


CM 


in 


in 




00 


cn 


CO 


CM 


CO 


CO 


'M' 


CO 


CO 


CD 


y— 




in 


CO 


CO 


00 


1^ 


in 


"M- 


■M- 


00 




CD 


CD 




CO 


in 


CO 




O 


CO 


CM 






CO 


CO 




in 


m 




00 






CM 


CO 


CO 


CM 


CM 


CM 




CM 


y— 


y— 


CM 


CM 


CM 


CM 


CM 


0 

CL 


CM 
























































■D 


























































<j> 

(/) 


00 


O 


in 


CM 




<f— 


CO 


<f— 




y— 




in 


O 


CD 




CD 


"M- 


CM 


CO 


y— 


CD 


00 






CM 


00 


"M- 


in 


CL 


CN 


'M' 








CO 




:in 


in 


in 


in 


(N 




in 


in 




CM 


CO 


yl; 


yl; 




in 


y; 


<P 


(2 


<p 


CJ 


yt 


CXJ 


O 


66 


66 


CD 


66 


66 


66 




66 


r^' 




in 


cb 


cvi 




in 


66 




cvi 




cvi 


in 




66 




66 


66 


in 


UJ 




CO 


CD 


CM 


CD 


CD 


(M 


CD 


o 


<p 




<p 


<p 


<p 


CD 


CD 


<p 


<P 


<p 


y— 




<p 


TT 




y— 








cvi 


CZ) 


1 — 


CD 


66 


66 


66 


i66 


66 


66 


66 


66 


66 


66 


66 


66 


66 


66 


66 


66 


66 


66 


66 


66 


66 


66 


66 


66 


tr 

o 

CL 


CO 


in 


CM 


00 


CO 


N. 


o 


o 


CD 




CO 


CD 




CD 




CD 


N. 


N. 


00 


CO 


CM 


o 


CM 






00 


o 


CM 


CO 


m 


m 




M- i 


00 


00 


1^ 


CD 


00 




1^ 


N. 


S 


CO 


00 




in 




N. 




o 


o 


CM 


o 


in 


CD 




CD 


in 


o^\ 


o 


O I 


CM 


CM 


T“ 


CM 


CM 


CO 


T“ 


CM 


CM 




CM 


CM 


CM 


CM 


CM 


CO 


CM 


CO 


CO 


CM 


o 


CM 


o 


in 






CO 




CM ! 


y~~ 






' ^ 




y~~ 




y-“ 


y-“ 


y~~ : 


y— 


y~~ 


y~~ 


y~~ 


y~~ 




y~~ 








y~~ 






CO 


0 








i 

1 






o 








































o 


















"U 








































d 




c- 














D 








































i D 




0 






CL 




CL 


CL 


< 


X 


X 


X 


CO 


X 


X 


X 


X 


X 


X 


X 


X 


X 


X 


X 


X 


X 


X 


X 


< 


X 




CO 


CL 


1- 


CL 


1- 


1- 


0 


1- 


1- 


H 


Q_ 


1- 


1- 


1- i 


1- 


1- 


1- 


1- 


1- 


1- 


1- 


1- 


1- 


1- 


1- 


1- 


i 0 


1- 




CD 


1— 


1- 


1— 


1- 


1- 


0 


1- 


1- 


1- 


o 


1- 


1- 


1- 1 


1- 


1- 


1- 


1- 


1- 


1- 


1- 


1- 


1- 


1- 


1- 


1- 


1 0 


1- 




CO 


LL 


X 


LL 


X 


X 


X 


X 


X 


X i 


X 


X ; 


X 


X I 


X 


X 


X 


X 


X 


X 


X 


X 


X 


X 


X 


X 


X 


X 




CO 




N. 


O 


CM 


o 


CM 


in 




N. 


CO 


N. ; 


' 


00 


CM 


CM 


N. 


CO 


CM 


CM 


<T— 


CO 


CM 


CO 


in 


y— 


"M- 


CO 




CJ 


CO 








y— 


in 


Tt 




Tt 


in 


TT 




in 


CM 




in 


CM 


CM 


(D 


in 


(D 


OJ 


yl; 


CO 


CD 


lyf 


yl; 


0 


6i 


66 




66 




66 


cvi 




CD 


CD 


y— 


(b 


66 




CD 


66 


cb 






CD 




cvi 






cvi 


cb 


cb 




E 






CM 


TT 


CM 


cq 


in 


(T) 


OJ 


Tt i 


(O 


y; 




CM 




CM 


y— 


in 








in 


(N 


yr 


y^ 




:cj 


y— 


H- 






O 


lio 


CO 


(b 


66 


CO 


(b 




66 


(b 


cb 


66 


(b 


cvi 


in 


in 


cb 


in 


<b 


66 


66 


CD 


6i 


66 


66 


66 
























































i T“ 


T” 



UJ 

o 

< 

CL 

H 

X 

UJ 

z 

z 

o 

o 

UJ 



z 

o 

o 

CO 

o> 

o> 



in 

T” 

> 

CC 

< 



z 

< 

I 

z 

o 



< 

z 

H 

(/) 

LU 

O 

H 

LU 

Z 

DC 

LU 



CM 

LU 

DC 

3 

O 








LU 

«J 

CD 

3 

I 

> 

CL 

O 

O 

fe 

LU 

QQ 



g 

I CC 

DC 
O 



CD 




CD 

o 

r-H 



00 

o> 

o> 



lO 



> 

GC 

< 

3 

Z 

< 

I 

Z 

o 



< 

z 

H 

(0 

LU 

a 

H 

lU 

z 

GC 

LU 



CM 

LU 

GC 

3 

o 

lE 



oo 

o 

rH 




X 

Q 

z 

LU 

CL 

CL 

< 






APPENDIX K 

RELATED ALBERTA EDUCATION RESOURCES 



Computer Network Security: Best Practices for Alberta School Jurisdictions ( 1999 ). 

Developing A Three- Year Technology Integration Plan: A Resource for School 
Jurisdictions ( 1 998 ) . 

FOIPP and Technology: Best Practices for Alberta School Jurisdictions ( 1 999 ). 

FOIPP and Technology Highlights: Best Practices for Alberta School Jurisdictions 
( 1999 ). 

Implementing and Managing Web Site Development in Education: Best Practices for 
Alberta School Jurisdictions ( 1999 ). 

Managing Technology Funding: Best Practices for Alberta School Jurisdictions ( 1 999 ). 

On-Line Learning: Best Practices for Alberta School Jurisdictions ( 1 999 ). 

Preparing to Implement Learner Outcomes in Technology: Best Practices for Alberta 
School Jurisdictions ( 1 999 ) . 

Professional Development for Teaching Technology Across the Curriculum: Best 
Practices for Alberta School Jurisdictions ( 1999 ). 

Technical Support Planning: Best Practices for Alberta School Jurisdictions ( 1 999 ). 

Technology Implementation Review, Grande Yellowhead Regional Division No. 24 and 
Wolf Creek Regional Division No. 32: Best Practices and Key Learnings with Respect to 
Technology, Its Implementation and Management in Education {^ 997 ). 




NETWORK DESIGN 



APPENDIX K 109 




U.S. Department of Education 

Office of Educational Research and Improvement (OERI) 
National Library of Education (NLE) 
Educational Resources Information Center (ERIC) 




NOTICE 

REPROmiCTTON BASTS 




This document is covered by a signed “Reproduction Release 
(Blanket) form (on file within the ERIC system), encompassing all 
or classes of documents from its source organization and, therefore, 
does not require a “Specific Document” Release form. 




This document is Federally-funded, or carries its own permission to 
reproduce, or is otherwise in the public domain and, therefore, may 
be reproduced by ERIC without a signed Reproduction Release form 
(either “Specific Document” or “Blanket”). 




EFF-089 (9/97) 




